diff --git a/README.md b/README.md
index 119f0c8a0f..c5555e0dc8 100644
--- a/README.md
+++ b/README.md
@@ -250,6 +250,7 @@ The following community-contributed extensions are available in [`catalog.commun
 | Staff Review Extension | Staff-engineer-level code review that validates implementation against spec, checks security, performance, and test coverage | `code` | Read-only | [spec-kit-staff-review](https://github.com/arunt14/spec-kit-staff-review) |
 | Status Report | Project status, feature progress, and next-action recommendations for spec-driven workflows | `visibility` | Read-only | [Open-Agent-Tools/spec-kit-status](https://github.com/Open-Agent-Tools/spec-kit-status) |
 | Superpowers Bridge | Orchestrates obra/superpowers skills within the spec-kit SDD workflow across the full lifecycle (clarification, TDD, review, verification, critique, debugging, branch completion) | `process` | Read+Write | [superpowers-bridge](https://github.com/RbBtSn0w/spec-kit-extensions/tree/main/superpowers-bridge) |
+| TEKIMAX Secure SDD | Security-first extension — threat modeling (STRIDE), red teaming, AI guardrails, data contracts, model governance, polyglot inline-content scan, dependency CVE scan (Gate G), tamper-evident hash-chain audit logs | `process` | Read+Write | [speckit-security](https://github.com/TEKIMAX/speckit-security) |
 | TinySpec | Lightweight single-file workflow for small tasks — skip the heavy multi-step SDD process | `process` | Read+Write | [spec-kit-tinyspec](https://github.com/Quratulain-bilal/spec-kit-tinyspec) |
 | V-Model Extension Pack | Enforces V-Model paired generation of development specs and test specs with full traceability | `docs` | Read+Write | [spec-kit-v-model](https://github.com/leocamello/spec-kit-v-model) |
 | Verify Extension | Post-implementation quality gate that validates implemented code against specification artifacts | `code` | Read-only | [spec-kit-verify](https://github.com/ismaelJimenez/spec-kit-verify) |
diff --git a/extensions/catalog.community.json b/extensions/catalog.community.json
index 17bf6f70e2..9213a09203 100644
--- a/extensions/catalog.community.json
+++ b/extensions/catalog.community.json
@@ -1,6 +1,6 @@
 {
   "schema_version": "1.0",
-  "updated_at": "2026-04-16T18:00:00Z",
+  "updated_at": "2026-04-16T18:40:00Z",
   "catalog_url": "https://raw.githubusercontent.com/github/spec-kit/main/extensions/catalog.community.json",
   "extensions": {
     "aide": {
@@ -1963,6 +1963,40 @@
       "created_at": "2026-03-02T00:00:00Z",
       "updated_at": "2026-03-02T00:00:00Z"
     },
+    "tekimax-security": {
+      "name": "TEKIMAX Secure SDD",
+      "id": "tekimax-security",
+      "description": "Security-first extension for Spec Kit — threat modeling (STRIDE), red teaming, AI guardrails, data contracts, model governance, polyglot inline-content scan, dependency CVE scan (Gate G via osv-scanner / pnpm / npm / yarn), and project-root-confined scripts with tamper-evident hash-chain audit logs.",
+      "author": "Christian Kaman (TEKIMAX)",
+      "version": "0.3.1",
+      "license": "Apache-2.0",
+      "homepage": "https://speckit.tekimax.com",
+      "repository": "https://github.com/TEKIMAX/speckit-security",
+      "documentation": "https://speckit.tekimax.com",
+      "changelog": "https://github.com/TEKIMAX/speckit-security/blob/main/CHANGELOG.md",
+      "download_url": "https://github.com/TEKIMAX/speckit-security/archive/refs/tags/v0.3.1.zip",
+      "requires": {
+        "speckit_version": ">=0.1.0"
+      },
+      "provides": {
+        "commands": 9,
+        "hooks": 5
+      },
+      "tags": [
+        "security",
+        "threat-modeling",
+        "red-team",
+        "guardrails",
+        "ai-safety",
+        "compliance",
+        "tekimax"
+      ],
+      "verified": false,
+      "downloads": 0,
+      "stars": 0,
+      "created_at": "2026-04-16T00:00:00Z",
+      "updated_at": "2026-04-16T00:00:00Z"
+    },
     "tinyspec": {
       "name": "TinySpec",
       "id": "tinyspec",