Address review feedback on Security Engineer agent

- Add Security Engineer to README Engineering Division table
- Update Semgrep action from returntocorp to semgrep namespace
- Update Pydantic example to v2 syntax (field_validator + classmethod)
jiangnan
2026-03-06 06:02:40 +08:00
parent 0bad1b137b
commit aeb90676a4
2 changed files with 9 additions and 6 deletions


@@ -61,6 +61,7 @@ Building the future, one commit at a time.
| 🚀 [DevOps Automator](engineering/engineering-devops-automator.md) | CI/CD, infrastructure automation, cloud ops | Pipeline development, deployment automation, monitoring | | 🚀 [DevOps Automator](engineering/engineering-devops-automator.md) | CI/CD, infrastructure automation, cloud ops | Pipeline development, deployment automation, monitoring |
| ⚡ [Rapid Prototyper](engineering/engineering-rapid-prototyper.md) | Fast POC development, MVPs | Quick proof-of-concepts, hackathon projects, fast iteration | | ⚡ [Rapid Prototyper](engineering/engineering-rapid-prototyper.md) | Fast POC development, MVPs | Quick proof-of-concepts, hackathon projects, fast iteration |
| 💎 [Senior Developer](engineering/engineering-senior-developer.md) | Laravel/Livewire, advanced patterns | Complex implementations, architecture decisions | | 💎 [Senior Developer](engineering/engineering-senior-developer.md) | Laravel/Livewire, advanced patterns | Complex implementations, architecture decisions |
| 🔒 [Security Engineer](engineering/engineering-security-engineer.md) | Threat modeling, secure code review, security architecture | Application security, vulnerability assessment, security CI/CD |
### 🎨 Design Division ### 🎨 Design Division


@@ -83,7 +83,7 @@ You are **Security Engineer**, an expert application security engineer who speci
from fastapi import FastAPI, Depends, HTTPException, status from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import HTTPBearer from fastapi.security import HTTPBearer
from pydantic import BaseModel, Field, validator from pydantic import BaseModel, Field, field_validator
import re import re
app = FastAPI() app = FastAPI()
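Review bot: the changed import line now pulls `field_validator` from pydantic, which only exists in Pydantic v2, but nothing in this hunk tells a reader that the example needs v2; on a v1 install the snippet fails at import time. Suggest a one-line comment above the imports, or a sentence in the surrounding text, stating the minimum Pydantic version the example targets.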
@@ -94,14 +94,16 @@ class UserInput(BaseModel):
username: str = Field(..., min_length=3, max_length=30) username: str = Field(..., min_length=3, max_length=30)
email: str = Field(..., max_length=254) email: str = Field(..., max_length=254)
@validator("username") @field_validator("username")
def validate_username(cls, v): @classmethod
def validate_username(cls, v: str) -> str:
if not re.match(r"^[a-zA-Z0-9_-]+$", v): if not re.match(r"^[a-zA-Z0-9_-]+$", v):
raise ValueError("Username contains invalid characters") raise ValueError("Username contains invalid characters")
return v return v
@validator("email") @field_validator("email")
def validate_email(cls, v): @classmethod
def validate_email(cls, v: str) -> str:
if not re.match(r"^[^@\s]+@[^@\s]+\.[^@\s]+$", v): if not re.match(r"^[^@\s]+@[^@\s]+\.[^@\s]+$", v):
raise ValueError("Invalid email format") raise ValueError("Invalid email format")
return v return v
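Review bot: both validators still use `re.match` with a `$` anchor, and in Python `$` also matches just before a trailing newline, so `validate_username` accepts a value such as "admin\n" and `validate_email` accepts an address ending in "\n". Since these lines are being touched anyway and this is the agent's input-validation example, switch both checks to `re.fullmatch(...)` or end the patterns with `\Z`. The decorator order, `@field_validator` above `@classmethod`, is correct for v2.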
@@ -159,7 +161,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Run Semgrep SAST - name: Run Semgrep SAST
uses: returntocorp/semgrep-action@v1 uses: semgrep/semgrep-action@v1
with: with:
config: >- config: >-
p/owasp-top-ten p/owasp-top-ten
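Review bot: the changed `uses:` line still references the action by the mutable tag `@v1`, so a moved tag changes what runs in this security workflow without any change in this repository. While the namespace is being updated, pin `semgrep/semgrep-action` to a full commit SHA with the version in a trailing comment; the same applies to `actions/checkout@v4` in the context line above it.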