From 7b6bf8cad06b37ce05e3243a56563ef1f631c627 Mon Sep 17 00:00:00 2001
From: krishn404 <maharshikrishnakant@gmail.com>
Date: Fri, 17 Oct 2025 01:28:31 +0530
Subject: [PATCH] feat: add Security & Compliance category

- Added 10 security-focused prompts
- Includes CVE scanning, input validation, rate limiting
- Covers authentication, SQL injection, CORS, and secrets detection
- Added section to Table of Contents
---
 README.md | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index c983c6a..f6f6b51 100644
--- a/README.md
+++ b/README.md
@@ -20,12 +20,12 @@
 - [Documentation](#documentation)
 - [Testing](#testing)
 - [Package Management](#package-management)
+- [Security & Compliance](#security--compliance)  <!-- ADD THIS LINE -->
 - [AI-Native Tasks](#ai-native-tasks)
 - [Context](#context)
 - [Fun \& Experimental](#fun--experimental)
 - [Start from Scratch](#start-from-scratch)
 - [Contributing](#contributing)
-
 ---
 
 ## Everyday Dev Tasks
@@ -135,7 +135,37 @@
 - `// Set up Renovate or Dependabot for auto-updates`
   <sub>Best for active projects with CI/CD.</sub>
 
+## Security & Compliance
+
+- `// Scan dependencies for known CVEs and security vulnerabilities`
+  <sub>Security audits for npm, pip, Maven, or other package managers.</sub>
+
+- `// Add input validation to {these specific} API endpoints`
+  <sub>REST APIs or GraphQL endpoints needing request validation.</sub>
+
+- `// Implement rate limiting for {this specific} service`
+  <sub>Express, FastAPI, Flask, or Django apps preventing abuse.</sub>
+
+- `// Add security headers to HTTP responses (CSP, HSTS, X-Frame-Options)`
+  <sub>Web applications requiring production-ready security configuration.</sub>
+
+- `// Audit this code for SQL injection vulnerabilities`
+  <sub>Database-heavy applications with dynamic queries.</sub>
+
+- `// Generate a SECURITY.md with vulnerability reporting guidelines`
+  <sub>Open-source projects needing security disclosure policies.</sub>
+
+- `// Add JWT-based authentication middleware to these routes`
+  <sub>APIs requiring token-based authentication and authorization.</sub>
+
+- `// Implement CORS configuration for these endpoints`
+  <sub>Web APIs needing cross-origin resource sharing setup.</sub>
+
+- `// Add HTTPS/SSL configuration to this server setup`
+  <sub>Production deployments requiring encrypted connections.</sub>
 
+- `// Check for hardcoded secrets and credentials in this codebase`
+  <sub>Security-conscious projects preventing credential leaks.</sub>
 
 ## AI-Native Tasks