Use when building secure AI pipelines or hardening LLM integrations. Defense-in-depth implements 8 validation layers from edge to storage with no single point of failure.
View on GitHubyonatangross/skillforge-claude-plugin
ork
January 25, 2026
Select agents to install to:
npx add-skill https://github.com/yonatangross/skillforge-claude-plugin/blob/main/skills/defense-in-depth/SKILL.md -a claude-code --skill defense-in-depthInstallation paths:
.claude/skills/defense-in-depth/# Defense in Depth for AI Systems ## Overview Defense in depth applies multiple security layers so that if one fails, others still protect the system. For AI applications, this means validating at every boundary: edge, gateway, input, authorization, data, LLM, output, and observability. **Core Principle:** No single security control should be the only thing protecting sensitive operations. ## The 8-Layer Security Architecture ``` ┌─────────────────────────────────────────────────────────────────────────┐ │ Layer 0: EDGE │ WAF, Rate Limiting, DDoS, Bot Detection │ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 1: GATEWAY │ JWT Verify, Extract Claims, Build Context │ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 2: INPUT │ Schema Validation, PII Detection, Injection│ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 3: AUTHORIZATION │ RBAC/ABAC, Tenant Check, Resource Access │ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 4: DATA ACCESS │ Parameterized Queries, Tenant Filter │ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 5: LLM │ Prompt Building (no IDs), Context Separation│ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 6: OUTPUT │ Schema Validation, Guardrails, Hallucination│ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 7: STORAGE │ Attribution, Audit Trail, Encryption │ ├─────────────────────────────────────────────────────────────────────────┤ │ Layer 8: OBSERVABILITY │ Logging (sanitized), Tracing, Metrics │ └─────────────────────────────────────────────────────────────────────────┘ ``` ## Layer Details ### Layer 0: Edge Protection **Purpose:** Stop attacks before they reach your application. - WAF ru