This skill helps you implement NIST compliance in software projects by applying secure, maintainable, and testable patterns across architecture, testing, and

npx playbooks add skill williamzujkowski/standards --skill nist

---
name: nist
description: Nist standards for nist in Compliance environments. Covers best practices,
---

# NIST

> **Quick Navigation:**
> Level 1: [Quick Start](#level-1-quick-start) (5 min) → Level 2: [Implementation](#level-2-implementation) (30 min) → Level 3: [Mastery](#level-3-mastery-resources) (Extended)

---

## Level 1: Quick Start

### Core Principles

1. **Best Practices**: Follow industry-standard patterns for compliance
2. **Security First**: Implement secure defaults and validate all inputs
3. **Maintainability**: Write clean, documented, testable code
4. **Performance**: Optimize for common use cases

### Essential Checklist

- [ ] Follow established patterns for compliance
- [ ] Implement proper error handling
- [ ] Add comprehensive logging
- [ ] Write unit and integration tests
- [ ] Document public interfaces

### Quick Links to Level 2

- [Core Concepts](#core-concepts)
- [Implementation Patterns](#implementation-patterns)
- [Common Pitfalls](#common-pitfalls)

---

## Level 2: Implementation

### Core Concepts

This skill covers essential practices for compliance.

**Key areas include:**

- Architecture patterns
- Implementation best practices
- Testing strategies
- Performance optimization

### Implementation Patterns

Apply these patterns when working with compliance:

1. **Pattern Selection**: Choose appropriate patterns for your use case
2. **Error Handling**: Implement comprehensive error recovery
3. **Monitoring**: Add observability hooks for production

### Common Pitfalls

Avoid these common mistakes:

- Skipping validation of inputs
- Ignoring edge cases
- Missing test coverage
- Poor documentation

---

## Level 3: Mastery Resources

### Reference Materials

- [Related Standards](../../docs/standards/)
- [Best Practices Guide](../../docs/guides/)

### Templates

See the `templates/` directory for starter configurations.

### External Resources

Consult official documentation and community best practices for compliance.

Overview

This skill codifies NIST-aligned software development standards for compliance-focused projects. It provides a concise checklist, implementation patterns, and resources to start projects with secure, maintainable defaults. Use it to accelerate compliant architectures and enforce repeatable best practices across teams.

How this skill works

The skill inspects project practices and provides guidance across three levels: Quick Start, Implementation, and Mastery. It highlights core principles, recommended patterns (error handling, monitoring, validation), and common pitfalls to avoid. Templates and reference links support rapid adoption and consistent implementations.

When to use it

  • Starting a new project that must meet compliance or security standards
  • Auditing an existing codebase for compliance gaps
  • Designing architecture and implementation patterns for regulated environments
  • Onboarding teams to a standard set of secure defaults and test practices
  • Creating templates and CI checks for production deployments

Best practices

  • Adopt secure defaults and validate all external inputs
  • Implement comprehensive error handling and observable logging
  • Write unit and integration tests with good coverage before release
  • Document public interfaces and maintain design rationale
  • Choose architecture patterns based on threat model and operational needs
  • Add monitoring hooks and performance checks for production

Example use cases

  • Quick project bootstrap with NIST-aligned checklist and templates
  • Reviewing code for missing validations, logging, or tests
  • Defining CI pipelines that enforce testing and security gates
  • Creating team onboarding material with core compliance concepts
  • Selecting and documenting error-recovery and monitoring patterns for services

FAQ

What exactly does the skill cover?

It covers core NIST-aligned principles for secure software development, implementation patterns (error handling, monitoring, validation), testing strategies, and templates for quick project starts.

How do I use the templates?

Use templates as starter configurations for projects: copy the starter files, adapt settings to your environment, and integrate them into your CI to enforce the standards.