Security templates

Copy-paste, customize-the-placeholders, ship in five minutes. Every template is intentionally short — a starting point, not a 40-page doc.

security.txt template (RFC 9116) [txt]

Copy-paste security.txt for your domain, so researchers know where to report. It follows RFC 9116: serve it at /.well-known/security.txt over HTTPS as text/plain, with at least one Contact field and exactly one Expires field. Keep Expires less than a year out and put the refresh on a calendar, because an expired file reads as abandoned. Sign it with OpenPGP if you can; it is the first thing researchers and scanners look for on a domain.
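
The check a practitioner wants before publishing is whether the file actually meets the RFC. The following is an added example for this page, not the template itself: a TypeScript parser and checker for RFC 9116 security.txt, run over constructed sample files. The field names and rules come from the RFC; the sample contents and the example.com URLs are made up.

```typescript
// Added example, not the template this page links to: a parser and checker
// for RFC 9116 security.txt, meant to run in CI against the file you are
// about to publish at /.well-known/security.txt. It does not verify an
// OpenPGP signature; it only unwraps a clearsigned file so the fields can be
// checked.

export interface ParsedSecurityTxt {
  fields: Map<string, string[]>; // lower-cased field name -> values in file order
  problems: string[];
}

// Field names defined by RFC 9116 section 2.5.
const KNOWN_FIELDS = new Set([
  "acknowledgments", "canonical", "contact", "encryption",
  "expires", "hiring", "policy", "preferred-languages",
]);

// Strip a PGP clearsign envelope (BEGIN PGP SIGNED MESSAGE ... BEGIN PGP
// SIGNATURE) and undo dash-escaping, leaving the signed body.
export function unwrapClearsigned(text: string): string {
  if (!text.startsWith("-----BEGIN PGP SIGNED MESSAGE-----")) return text;
  const bodyStart = text.indexOf("\n\n"); // armor headers end at the first blank line
  const sigStart = text.indexOf("-----BEGIN PGP SIGNATURE-----");
  if (bodyStart < 0 || sigStart < 0) return text;
  return text
    .slice(bodyStart + 2, sigStart)
    .split("\n")
    .map((l) => (l.startsWith("- ") ? l.slice(2) : l))
    .join("\n");
}

export function parseSecurityTxt(text: string): ParsedSecurityTxt {
  const fields = new Map<string, string[]>();
  const problems: string[] = [];
  const lines = unwrapClearsigned(text.replace(/\r\n/g, "\n")).split("\n");
  lines.forEach((line, i) => {
    if (line.trim() === "" || line.startsWith("#")) return; // blank or comment
    const m = /^([A-Za-z-]+):\s*(\S.*?)\s*$/.exec(line);   // "Name: value"
    if (!m) { problems.push(`line ${i + 1}: not a field or comment`); return; }
    const name = m[1].toLowerCase();
    if (!KNOWN_FIELDS.has(name)) problems.push(`line ${i + 1}: unknown field ${m[1]}`);
    fields.set(name, [...(fields.get(name) ?? []), m[2]]);
  });
  return { fields, problems };
}

// Apply the RFC's MUST/SHOULD rules. `now` is injectable so CI runs are reproducible.
export function checkSecurityTxt(text: string, now: Date = new Date()): { ok: boolean; problems: string[] } {
  const { fields, problems } = parseSecurityTxt(text);
  const get = (name: string): string[] => fields.get(name) ?? [];

  const contacts = get("contact");
  if (contacts.length === 0) problems.push("Contact: required, none present");
  for (const c of contacts) {
    if (!/^(https:|mailto:|tel:)/i.test(c)) problems.push(`Contact: must be an https:, mailto: or tel: URI: ${c}`);
  }

  const expires = get("expires");
  if (expires.length !== 1) {
    problems.push(`Expires: exactly one required, found ${expires.length}`);
  } else {
    const t = Date.parse(expires[0]);
    const oneYearMs = 365 * 24 * 60 * 60 * 1000;
    if (Number.isNaN(t)) problems.push(`Expires: not an ISO 8601 date-time: ${expires[0]}`);
    else if (t <= now.getTime()) problems.push("Expires: in the past, the file is stale");
    else if (t - now.getTime() > oneYearMs) problems.push("Expires: more than a year out; RFC 9116 says keep it under a year");
  }

  if (get("preferred-languages").length > 1) problems.push("Preferred-Languages: at most one allowed");
  for (const u of [...get("canonical"), ...get("policy"), ...get("acknowledgments"), ...get("hiring")]) {
    if (!/^https:/i.test(u)) problems.push(`web URIs must use https: ${u}`);
  }
  for (const e of get("encryption")) {
    if (!/^(https:|dns:|openpgp4fpr:)/i.test(e)) problems.push(`Encryption: must be https:, dns: or openpgp4fpr: ${e}`);
  }
  return { ok: problems.length === 0, problems };
}

// Constructed samples (example.com is a reserved documentation domain).
export const SAMPLE_OK = [
  "# constructed sample, not a real deployment's file",
  "Contact: mailto:security@example.com",
  "Contact: https://example.com/security/report",
  "Expires: 2026-06-01T00:00:00.000Z",
  "Encryption: https://example.com/pgp-key.txt",
  "Preferred-Languages: en",
  "Canonical: https://example.com/.well-known/security.txt",
  "Policy: https://example.com/security/policy",
].join("\n");

export const SAMPLE_BAD = [
  "Contact: http://example.com/security", // plain http is rejected
  "Expires: 2020-01-01T00:00:00.000Z",     // two Expires fields
  "Expires: 2027-01-01T00:00:00.000Z",
].join("\n");
```

Run it in CI against the file in the repo and fail the build on any problem; run it on a schedule as well, so the Expires check fires before the date passes rather than after.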

Privacy Policy template — startup-friendly [markdown]

A lawyer-reviewable starting point for a SaaS Privacy Policy. Not legal advice — customize and get counsel review before publishing. Plain language, GDPR + CCPA-aware.

Supabase RLS policy starter pack [sql]

Copy-paste RLS policies for the 5 most common Supabase table patterns: user-owned, tenant-scoped, admin-only, public-read, and audit-log. Default-deny at base: ENABLE ROW LEVEL SECURITY with no policies returns no rows to the anon and authenticated roles, and each policy then opens one narrow path. One thing to keep in mind when you adapt it: the service_role key bypasses RLS entirely, so it belongs on the server only and never in a client bundle.

Next.js security headers config [js]

Copy-paste next.config.mjs with HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy set to production values: HSTS with includeSubDomains and a max-age of at least a year (the preload list requires that minimum), X-Frame-Options DENY, nosniff, strict-origin-when-cross-origin, and a Permissions-Policy that switches off the sensors you do not use. Content-Security-Policy is not in the file because it depends on your scripts and origins; add it per app, ideally nonce-based.

Secure Next.js middleware.ts template [ts]

Copy-paste Next.js middleware that enforces auth on protected routes, adds security headers, and handles rate limiting. On CVE-2025-29927: that bug lets a request carrying the x-middleware-subrequest header skip middleware entirely, so a check inside middleware.ts cannot stop it on a vulnerable version. The fix is to upgrade to a patched release (15.2.3, 14.2.25 or 13.5.9 and later) and, if you self-host, to strip that header at the reverse proxy; the template's own header check is defense in depth on top of that. Two further caveats: middleware is not your only auth layer (route handlers and data access must re-check the session), and an in-memory rate limiter only counts within one instance, so use a shared store on serverless or edge.
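
Added example that is neither the page's template nor Next.js code: the header set from the next.config.mjs entry above and the three middleware checks (internal-header rejection, rate limit, auth gate) as one framework-free TypeScript function that runs without Next.js, so the decisions can be unit-tested. The protected route prefixes, the demo session check and the token-bucket sizes are assumptions for the example.

```typescript
// Added example, not the template this page links to and not Next.js's own
// code: the middleware checks as a framework-free function. In middleware.ts
// you would map NextRequest into GuardRequest, turn a "block" result into a
// response with that status, and copy `headers` onto the response either way.
// Route prefixes and the session check are assumptions for the example.

export interface GuardRequest {
  path: string;                     // URL pathname, e.g. "/dashboard/settings"
  headers: Record<string, string>;  // header names lower-cased
  cookies: Record<string, string>;
  ip: string;                       // client IP as seen by the edge
}

export type GuardResult =
  | { action: "next"; headers: Record<string, string> }
  | { action: "block"; status: number; reason: string; headers: Record<string, string> };

// Same values the next.config.mjs headers template sets; applied here too so
// blocked responses carry them.
export const SECURITY_HEADERS: Record<string, string> = {
  "strict-transport-security": "max-age=63072000; includeSubDomains; preload",
  "x-frame-options": "DENY",
  "x-content-type-options": "nosniff",
  "referrer-policy": "strict-origin-when-cross-origin",
  "permissions-policy": "camera=(), microphone=(), geolocation=()",
};

// Assumed protected prefixes; everything else is public.
export const PROTECTED_PREFIXES = ["/dashboard", "/api/private"];

// Token-bucket limiter keyed by client IP. In-memory state is per process,
// so on serverless/edge it only smooths bursts within one instance; back it
// with a shared store for a real global limit.
export class TokenBucketLimiter {
  private readonly capacity: number;
  private readonly refillPerSecond: number;
  private readonly buckets = new Map<string, { tokens: number; lastMs: number }>();

  constructor(capacity: number, refillPerSecond: number) {
    this.capacity = capacity;
    this.refillPerSecond = refillPerSecond;
  }

  allow(key: string, nowMs: number): boolean {
    const b = this.buckets.get(key) ?? { tokens: this.capacity, lastMs: nowMs };
    b.tokens = Math.min(this.capacity, b.tokens + ((nowMs - b.lastMs) / 1000) * this.refillPerSecond);
    b.lastMs = nowMs;
    const allowed = b.tokens >= 1;
    if (allowed) b.tokens -= 1;
    this.buckets.set(key, b);
    return allowed;
  }
}

export function guard(
  req: GuardRequest,
  limiter: TokenBucketLimiter,
  nowMs: number,
  hasValidSession: (cookies: Record<string, string>) => boolean,
): GuardResult {
  const headers = { ...SECURITY_HEADERS };

  // 1. CVE-2025-29927: a request carrying x-middleware-subrequest makes a
  //    vulnerable Next.js skip middleware altogether, so this check is only
  //    reachable on a patched version (or when the same logic runs in a proxy
  //    in front of the app). No legitimate external client sends the header,
  //    so rejecting it is safe defense in depth.
  if ("x-middleware-subrequest" in req.headers) {
    return { action: "block", status: 400, reason: "internal header from client", headers };
  }

  // 2. Rate limit before doing any work that costs something.
  if (!limiter.allow(req.ip, nowMs)) {
    return { action: "block", status: 429, reason: "rate limited", headers: { ...headers, "retry-after": "1" } };
  }

  // 3. Auth on protected routes. A cheap early gate, not the only one:
  //    route handlers and data access must re-check the session.
  const isProtected = PROTECTED_PREFIXES.some((p) => req.path === p || req.path.startsWith(p + "/"));
  if (isProtected && !hasValidSession(req.cookies)) {
    return { action: "block", status: 401, reason: "no valid session", headers };
  }

  return { action: "next", headers };
}

// Stand-in session check for the example only. A real one verifies a signed
// session cookie or JWT with your auth library.
export const demoSession = (cookies: Record<string, string>): boolean =>
  cookies["session"] === "demo-valid-session";
```

In middleware.ts, return NextResponse.json({ error: reason }, { status }) for a block and NextResponse.next() otherwise, copying the headers onto both, and set config.matcher to exclude _next/static and similar asset paths so the limiter does not count them.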

AIBOM CycloneDX 1.6 template — EU AI Act Article 11 supplement [yaml]

CycloneDX 1.6 AIBOM example with a full machine-learning-model component: a modelCard whose modelParameters list the training datasets, whose quantitativeAnalysis carries performanceMetrics, and whose considerations include ethicalConsiderations. Emit it on every build alongside the standard SBOM, so the technical documentation Article 11 requires (its contents are listed in Annex IV) has a machine-readable artifact behind it rather than a hand-maintained document.

Supabase Row-Level-Security policy bundle — every-table baseline [sql]

SQL bundle of canonical Supabase RLS policies covering: enable RLS on every table, default-deny baseline, per-user-owned-row policy (auth.uid() = user_id), per-tenant-scoped policy keyed on a JWT claim, write-only audit-log policy (an INSERT policy with WITH CHECK and no SELECT, UPDATE or DELETE policy for ordinary roles), storage-bucket policies. Includes WRONG patterns (commented out) so you learn what NOT to ship. The tenant policy has one precondition: read the tenant id from app_metadata in the JWT, never from user_metadata, because a user can edit their own user_metadata through the client API.

Env-var hygiene template — Vercel / Netlify / Fly / Railway [markdown]

Per-platform env-var setup with NEXT_PUBLIC_ guidance, secret-manager recommendations, and rotation cadence. The rule behind the guidance: anything prefixed NEXT_PUBLIC_ is inlined into the browser bundle at build time, so it is visible to anyone who opens devtools and changes only on a rebuild; server-only secrets must not carry the prefix and should live in the platform's secret store rather than a committed .env file. Drop into your project README and reference it from your DPA and SOC 2 evidence.
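
Added example, not the page's template: a small TypeScript lint for committed env files that encodes the NEXT_PUBLIC_ rule and flags literal server secrets, run over a constructed .env.example. The name heuristics and placeholder forms are assumptions you would tune per project.

```typescript
// Added example, not the template this page links to: a lint to run in CI
// over .env.example / .env.local before a deploy. It encodes the rule the
// NEXT_PUBLIC_ guidance rests on (the prefix puts the value in the browser
// bundle at build time) plus a check that server secrets are not committed
// as literals. The name heuristics and placeholder forms are assumptions.

export interface EnvFinding {
  line: number;
  name: string;
  rule: "public-secret" | "literal-secret" | "unparseable";
  message: string;
}

const PUBLIC_PREFIX = "NEXT_PUBLIC_";
// Names that usually denote server-only credentials. "anon" and a bare "key"
// are deliberately not matched: the Supabase anon key is public by design.
const SECRET_NAME = /(secret|private|token|password|passwd|api_?key|service_role|credential)/i;
// Values that are clearly placeholders in a committed example file.
const PLACEHOLDER = /^$|^<.*>$|^\$\{.*\}$|^(changeme|change_me|replace_me|todo|example|x{3,}|your[-_].*)$/i;

export function lintDotenv(text: string): EnvFinding[] {
  const findings: EnvFinding[] = [];
  text.split(/\r?\n/).forEach((raw, idx) => {
    const line = raw.trim();
    const lineNo = idx + 1;
    if (line === "" || line.startsWith("#")) return;
    const m = /^(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$/.exec(line);
    if (!m) {
      findings.push({ line: lineNo, name: "", rule: "unparseable", message: "not NAME=value" });
      return;
    }
    const name = m[1];
    const value = m[2].replace(/^(['"])(.*)\1$/, "$2"); // strip matching quotes
    if (name.startsWith(PUBLIC_PREFIX)) {
      if (SECRET_NAME.test(name.slice(PUBLIC_PREFIX.length))) {
        findings.push({
          line: lineNo, name, rule: "public-secret",
          message: "secret-looking name under NEXT_PUBLIC_: the value is inlined into the client bundle at build time and visible to every visitor",
        });
      }
      return;
    }
    if (SECRET_NAME.test(name) && !PLACEHOLDER.test(value) && value.length >= 16) {
      findings.push({
        line: lineNo, name, rule: "literal-secret",
        message: "literal secret in a checked-in env file; keep a placeholder here and set the real value in the platform's secret store",
      });
    }
  });
  return findings;
}

// Constructed sample file; nothing in it is a real credential.
export const SAMPLE_ENV = [
  "# constructed .env.example; nothing here is a real credential",
  "NEXT_PUBLIC_SUPABASE_URL=https://project-ref.supabase.co",
  "NEXT_PUBLIC_SUPABASE_ANON_KEY=<anon key; public by design, RLS is the control>",
  "NEXT_PUBLIC_SUPABASE_SERVICE_ROLE_KEY=<service role key>",
  'SUPABASE_SERVICE_ROLE_KEY="sb-service-role-constructed-value-1234567890"',
  "DATABASE_PASSWORD=changeme",
  "SESSION_SECRET=",
].join("\n");
```

The second rule is only a guard against the obvious mistake; a real secret scanner adds entropy and provider-specific patterns on top. The first rule is the one that matters for Next.js: a service-role or API secret under NEXT_PUBLIC_ is compromised the moment the build is deployed, whatever the value in the example file.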

Penetration test scope-of-work + rules-of-engagement template [markdown]

Pentest SOW + RoE template covering scope, methodology, allowed/disallowed targets, communication protocol, and deliverables. Write the RoE so both sides can recognise the test while it runs (tester source IPs, test windows, an escalation contact), and the scope so third-party-hosted assets are either explicitly authorised or excluded. Most enterprise security questionnaires ask for it, and SOC 2 Type 2 auditors commonly expect a recent report and its scope as evidence.

Model card template — Google MLSE pattern + EU AI Act Article 13 mapping [markdown]

Model card template per Google MLSE / Mitchell et al. 2019 pattern, with explicit mapping to EU AI Act Article 13 transparency requirements. Drop into your repo as MODEL_CARD.md; embed in CycloneDX AIBOM.