Secure Development Skill Purpose This skill ensures all code development follows security-by-design principles as defined in the Hack23 ISMS Secure Development Policy. It applies to all software development activities including web applications, APIs, infrastructure code, and scripts. Rules Input Validation MUST: - Validate ALL user input at the point of entry (server-side validation is mandatory) - Use allowlist validation (define what IS allowed, not what ISN'T) - Validate data type, length, format, and range - Encode output before rendering to prevent XSS - Sanitize input before use in que…