Draft Deliverable

Security Checklist

# Checklist: <topic>

## <Category>
- [ ] <item with specific criteria>
- [ ] <item>

## <Category>
- [ ] <item>

Architecture Security Review

# Security Review: <system name>

## Architecture Overview
<description + diagram if possible>

## Security Controls
| Layer | Control | Status | Notes |
|-------|---------|--------|-------|

## Findings
### Finding 1: <title>
**Severity:** Critical / High / Medium / Low
**Component:** <affected component>
**Description:** <what's wrong>
**Recommendation:** <how to fix>
**Reference:** <OWASP, CIS, NIST reference>

## Summary
| Severity | Count |
|----------|-------|
| Critical | N |
| High     | N |
| Medium   | N |
| Low      | N |

Report (generic)

# <Report Title>

**Date:** <date>
**Author:** <name>
**Status:** Draft

## Executive Summary
<2-3 sentences for leadership>

## Scope
<what was covered>

## Methodology
<approach taken>

## Findings
<detailed findings>

## Recommendations
| Priority | Recommendation | Effort | Impact |
|----------|---------------|--------|--------|

## Next Steps
<action items>

Process

1. Determine document type from context or ask the user
2. Gather information from current topic workspace (notes, research, etc.)
3. Draft the document using the appropriate template
4. Save to topics/<current-topic>/deliverables/<slug>.md
5. Present to user for review and iteration

Guidelines

• These are professional documents -- use clear, concise language
• Include specific, actionable recommendations (not vague "improve security")
• Reference standards where applicable (OWASP, NIST, CIS, MITRE ATT&CK)
• Flag assumptions explicitly
• Leave placeholders marked as <!-- TODO: ... --> only for information the user needs to fill in (not for things you should know)