curo/Business-Management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
20 Commits 1 Branch 0 Tags
0af5e8cc24b22478ca65bf6bb417fd4e277561e4
Commit Graph

2 Commits

Author SHA1 Message Date
curo1305 0af5e8cc24 Harden JWT: 8-hour expiry, add JWT vulnerability checks 
- Reduce ACCESS_TOKEN_EXPIRE_MINUTES from 24h to 8h (no permanent sessions)
- Add JWT_PATTERNS to security_check.py: algorithm=none, verify_exp=False,
  multi-day timedelta, oversized EXPIRE_MINUTES, hardcoded secret
- Add JWT security checklist to security-auditor agent
- Document auth/session security items in TODO.md

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 22:54:53 +02:00
curo1305 f37c7ae55d Add four custom subagent definitions 
- .claude/agents/backend-dev.md: advisory, read-only, FastAPI/SQLAlchemy expert
- .claude/agents/frontend-dev.md: advisory, read-only, React/TS/TanStack expert
- .claude/agents/ux-designer.md: advisory, read-only, UX + Figma MCP setup guide
- .claude/agents/security-auditor.md: active, full write access, fixes
  vulnerabilities directly; uses claude-opus-4-6 for deeper reasoning

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 21:04:19 +02:00