Generic Security Rules for Sourcegraph Cody
Generic Security Rules adapted for Sourcegraph Cody. High-signal generic engineering guidance for real projects.
rules file
# Generic Security Rules for Sourcegraph Cody

## Input handling
- Treat all external input as untrusted (body, query, headers, webhooks, files).
- Validate at boundaries with explicit schema validation.
- Use allowlists over denylists.

## Secrets & auth
- Never commit secrets. Use env vars + secret manager.
- Rotate keys periodically and after incidents.
- Enforce least privilege for service tokens and DB roles.
- Require idempotency keys for money-moving or side-effectful endpoints.

## Safe defaults
- Deny-by-default authorization.
- Structured security logging for auth failures and permission denials.
- Never leak stack traces or secret values to clients.
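As an added illustration (not part of the rules file or of any Sourcegraph code), the handler below applies several of these rules together: deny-by-default authorization, allowlist schema validation at the boundary, an idempotency key on a money-moving call, structured security logging, and generic client errors. The policy table, field formats, role names and the `_move_money` stub are all constructed for the example.

```python
import json, logging, re

log = logging.getLogger("security")
ALLOWED = {("billing-service", "transfer")}   # constructed policy; anything absent is denied
SCHEMA = {                                     # constructed allowlist: exact fields and formats
    "account": re.compile(r"[A-Z]{2}[0-9]{8}"),
    "amount_cents": re.compile(r"[1-9][0-9]{0,8}"),
    "currency": re.compile(r"USD|EUR"),
}
KEY_FORMAT = re.compile(r"[A-Za-z0-9-]{16,64}")
TRANSFERS = []   # stand-in for the real side effect
_seen = {}       # (role, idempotency key) -> stored response; a real service persists this

def _move_money(body):
    TRANSFERS.append(dict(body))
    return {"status": "accepted", "transfer_id": len(TRANSFERS)}

def _deny(status, event, **fields):
    # Structured security log entry; the client only ever sees a generic message.
    log.warning(json.dumps({"event": event, **fields}))
    return status, {"error": "request rejected"}

def handle_transfer(role, headers, body):
    if (role, "transfer") not in ALLOWED:                 # deny by default
        return _deny(403, "permission_denied", role=role, action="transfer")
    key = headers.get("Idempotency-Key", "")
    if not isinstance(key, str) or not KEY_FORMAT.fullmatch(key):
        return _deny(400, "bad_idempotency_key", role=role)
    if (role, key) in _seen:                              # replay: stored result, no new side effect
        return _seen[(role, key)]
    if not isinstance(body, dict) or set(body) != set(SCHEMA):
        return _deny(400, "schema_violation", role=role, reason="field_set")
    for name, pattern in SCHEMA.items():
        value = body[name]
        if not isinstance(value, str) or not pattern.fullmatch(value):
            # Log the offending field name, never its value.
            return _deny(400, "schema_violation", role=role, reason=name)
    try:
        result = _move_money(body)
    except Exception:
        log.exception("transfer_failed")                  # stack trace stays in server logs
        return 500, {"error": "internal error"}
    _seen[(role, key)] = (200, result)
    return _seen[(role, key)]
```

Scoping the stored response to `(role, key)` keeps one caller from reading another caller's result by guessing its key.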