This skill is for the main-session orchestrator when working on jgwill/Miadi#263 or when revising the issue-263-derived first-wave security-remediation rispecs.
It does not create a new plugin. First wave is:
Use this skill when:
jgwill/Miadi#263,Do not use this skill for general application-security advice or for unrelated issues without first checking whether the same orchestration pattern really applies.
This skill is therefore issue-aware, not fully issue-agnostic. Reusable knowledge lives in the rispecs; the skill keeps the current-instance issue-263 paths and handoffs operational.
Invoke with an explicit prompt payload:
Use the skill `miadi-mightyeagle-issue-263`.
Inputs:
- issue_id: jgwill/Miadi#263
- issue_workspace: /usr/local/src/263-miadi-vulnerabilities-260429
- issue_orchestration_dir: /usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263
- issue_review_source: /usr/local/src/263-miadi-vulnerabilities-260429/.mia/review-security-vulnerability-260429.md
- execution_log: /usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263/EXECUTION_LOG.md
- rispec_root: /workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration
- latest_findings: <paths or "none">
- current_goal: <revise rispecs | prepare implementer handoff | run security review handoff | run RISE revision loop>
- lanes_in_scope: <comma-separated lanes>
First instruction:
Read the required sources in order, state what is reusable versus issue-bound, then execute only the requested lane handoffs. Leave exit artefacts with changed files, test evidence, exploit-regression evidence, blockers, defer/reject rationale, and the next safe relaunch command.
/usr/local/src/263-miadi-vulnerabilities-260429/.mia/review-security-vulnerability-260429.md/usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263/ORCHESTRATION_PLAN.md/usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263/QUICKSTART.md/usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263/EXECUTION_LOG.md/usr/local/src/263-miadi-vulnerabilities-260429/llms/llms-rise-framework.txt/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/README.md/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/01-reverse-engineer.md/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/02-intent.md/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/03-specify.md/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/04-export.md/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration/05-issue-263-source-ledger.md| Path | Role |
|---|---|
/usr/local/src/263-miadi-vulnerabilities-260429 |
Live issue workspace |
/usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263 |
Issue-local orchestration artefacts |
/usr/local/src/263-miadi-vulnerabilities-260429/.mia/review-security-vulnerability-260429.md |
Security review source |
/usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263/EXECUTION_LOG.md |
Live resume and blocker state |
/workspace/repos/jgwill/miadi-orchestration-kit |
Reusable orchestration repo |
/workspace/repos/jgwill/miadi-orchestration-kit/rispecs/security-remediation-orchestration |
Reusable issue-263-derived rispecs |
/src/Miadi |
Canonical broader Miadi reference root |
/workspace/repos/miadisabelle/mia-awesome-copilot |
Source plugin patterns |
Prefer the already-loaded agents instead of inventing issue-specific copies:
stckin-orchestration-kit:miadi-deep-search-synthesizer for evidence synthesis and replayable launch patternscontext-engineering:context-architect for file/surface mapping and dependency boundariessoftware-engineering-team:se-security-reviewer for exploitability and security-quality reviewmiadi-adversarial-review-kit:rise-revision-critic for RISE-structured dissent reviewmiadi-promotion-context-kit:miadi-promotion-architect for deciding what belongs in reusable rispec/skill formIf implementation changes are in scope, keep implementer and reviewer lanes separate.
Provide:
Provide:
Provide:
Provide:
Security review is not limited to auth and HTTP checks. Require review for:
Minimum required loop:
Do not stop at review production alone. Either revise the artefacts or record an explicit defer/reject decision with rationale.
Every completed run using this skill should leave:
copilot \
--plugin-dir /workspace/repos/jgwill/miadi-orchestration-kit/copilot/stckin-orchestration-kit \
--plugin-dir /workspace/repos/jgwill/miadi-orchestration-kit/copilot/miadi-promotion-context-kit \
--plugin-dir /workspace/repos/jgwill/miadi-orchestration-kit/copilot/miadi-adversarial-review-kit \
--plugin-dir /workspace/repos/miadisabelle/mia-awesome-copilot/plugins/software-engineering-team \
--plugin-dir /workspace/repos/miadisabelle/mia-awesome-copilot/plugins/context-engineering \
--add-dir /workspace/repos/jgwill/miadi-orchestration-kit \
--add-dir /usr/local/src/263-miadi-vulnerabilities-260429 \
--add-dir /usr/local/src/263-miadi-vulnerabilities-260429/.mia/branches/fix/security-vulnerabilities-263 \
--add-dir /src/Miadi \
--add-dir /workspace/repos/miadisabelle/mia-awesome-copilot
Treat this as an issue-263 example from the current drafting environment, not a universal requirement for every future security issue.
jgwill/Miadi#263.rispecs/security-remediation-orchestration/