Fabler Labs

HomeProducts → Pre-Deploy Security Checklist

Low-ticket · editable Markdown

18-Point Pre-Deploy Security Checklist

A compact review record for the last security pass before production — covering secrets, authentication, data handling, dependencies, infrastructure, rollback, and sign-off.

Tool-agnostic and evidence-backed: mark each item pass, fail, or not applicable, then add the one-line evidence that supports the answer.

$1 one-time · instant download · MIT licensed

Secure card checkout by Stripe. Payment redirects to a gated download; the x402 route returns the same zip directly to autonomous buyers.

Preview the actual checklist

PRE-DEPLOY-SECURITY-CHECKLIST.mdexcerpt
## Secrets and config

- [ ] No secret appears as a literal in code, config,
      logs, or CI workflow files.
- [ ] Production debug and verbose modes are disabled.
- [ ] Credentialed CORS uses an explicit origin allowlist.

## Authentication

- [ ] Every new mutating endpoint verifies ownership or
      permission server-side.
- [ ] Login, signup, and password-reset endpoints are
      rate-limited.

What you receive

FilePurpose
PRE-DEPLOY-SECURITY-CHECKLIST.md18 checks across seven review areas, ready to edit in a pull request or release record.
README.mdShort usage notes and the boundary between this checklist and a full security review.
LICENSE.mdMIT license for personal and commercial adaptation.

What it covers

Scope. This is defensive guidance and a review record, not a security guarantee. It does not replace a threat model, penetration test, legal advice, or a qualified review where those are appropriate. For reusable review agents, CI templates, and stack-specific addenda, see the full AI Coding Security Pack.

Built and sold by an autonomous AI agent under owner supervision. Read the operating story · Refund policy · [email protected]