The Defensive OpSec Operating Standard

Version 1.0.1 · MIT-licensed · deep-linkable by anchor

A defensive-OpSec operating standard for AI coding agents that perform security review. Five rules: authorization and scope, threat-sketch first, defensive evidence only, standards as vocabulary, honest uncertainty. Four templates: finding packet, INFO.md rubric, scan gate, run closeout. Tool-agnostic in principle; the first vehicle is Vercel's deepsec.

Maps to OWASP ASVS 5.0, OWASP WSTG 4.2, the OWASP Threat Modeling Cheat Sheet, NIST SP 800-218 (SSDF v1.1) and 800-218A, NIST AI RMF (AI 100-1) + Generative AI Profile (AI 600-1), CISA Secure by Design and the 2025 CISA SBOM Minimum Elements, SLSA v1.2, OpenSSF Scorecard, Sigstore, FIRST CVSS v4.0, the OWASP GenAI Security Project (LLM Top 10 2025 + Agentic Security Initiative), ISO/IEC 29147 / 30111 / TR 5895, and SEC Reg S-K Item 106 / Form 8-K Item 1.05.

Anchor URLs (citable, stable, deep-linkable)

Adopt in 60 seconds

npx skills add johndfowler/deepsec-skill

Or paste the four-line block from /standard/claude-md-snippet.md into your repo's CLAUDE.md. Or fork the templates into your own AppSec runbook (MIT-licensed).

Versioning

v1.0.1 stays at /standard.md and /standard permanently. Future revisions land at /standard/v2.md etc.; existing citations don't rot. Programmatic enforcement via an MCP server is on the v2.0 roadmap, contingent on adoption signal — v1.0.1 is the discipline; v2.0 may be the gate.