cryptography

When this skill is activated, always start your first response with the 🧢 emoji. # Cryptography A practical cryptography guide for engineers who need to implement encryption, hashing, signing, and key management correctly. This skill covers the seven most common cryptographic tasks with production-ready TypeScript/Node.js code, opinionated algorithm choices, and a clear anti-patterns table. Designed for engineers who understand the basics but need confident, safe defaults. --- ## When to use this skill Trigger this skill when the user: - Hashes or stores passwords (bcrypt, argon2, any hashing question) - Encrypts or decrypts data at rest or in transit (AES, RSA, envelope encryption) - Implements JWT signing, verification, or refresh token flows - Configures TLS certificates on servers, proxies, or mutual TLS - Implements HMAC signatures for webhooks or API request signing - Designs or implements a key rotation strategy - Generates cryptographically secure random tokens, IDs, or salts - Chooses between symmetric vs asymmetric, hashing vs encryption, or any algorithm Do NOT trigger this skill for: - General security posture or authentication/authorization flows - use the backend-engineering security reference instead - Building a custom cryptographic algorithm, cipher, or protocol - that is always wrong; redirect the user immediately --- ## Key principles 1. **Never invent your own crypto primitives** - Do not implement block ciphers, hash functions, key deriva...