azaion/gps-denied-onboard
1
0
Fork 0
mirror of https://github.com/azaion/gps-denied-onboard.git synced 2026-04-22 09:16:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
6ff14a1a7d13f837575c7e0bb149f6a4dd25a7e3
gps-denied-onboard/.claude/commands/plan/templates/security-tests.md
T
Yuzviak 6ff14a1a7d chore: import .claude command skills, CLAUDE.md, .gitignore, next_steps.md 
- Vendor local .claude/ command skills (autopilot, plan, implement, etc.)
- Add CLAUDE.md pointing slash commands to .claude/commands/*/SKILL.md
- Untrack docs-Lokal/ and ignore .planning/ for local-only planning docs
- Include next_steps.md pulled from upstream

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-16 21:39:43 +03:00

818 B
Raw Blame History

Security Tests Template

Save as DOCUMENT_DIR/tests/security-tests.md.

# Security Tests

### NFT-SEC-01: [Test Name]

**Summary**: [What security property this validates]
**Traces to**: AC-[ID], RESTRICT-[ID]

**Steps**:

| Step | Consumer Action | Expected Response |
|------|----------------|------------------|
| 1 | [attempt unauthorized access / injection / etc.] | [rejection / no data leak / etc.] |

**Pass criteria**: [specific security outcome]

Guidance Notes

  • Security tests at blackbox level focus on black-box attacks (unauthorized API calls, malformed input), not code-level vulnerabilities.
  • Verify the system remains operational after security-related edge cases (no crash, no hang).
  • Test authentication/authorization boundaries from the consumer's perspective.
Reference in New Issue View Git Blame Copy Permalink