Does this skill provide solutions for identified vulnerabilities?

Yes, every report includes specific remediation steps and code examples to help you fix identified misconfigurations immediately.

Can it analyze live URLs or just local files?

It can do both. The skill uses WebFetch to analyze live API endpoints and the Read tool to inspect local configuration files like JSON or YAML.

What does the CORS Validator check for?

The skill identifies common security risks such as overly permissive 'Access-Control-Allow-Origin' headers, insecure credential sharing, and misconfigured preflight requests.

Why is proper CORS validation important for web security?

Incorrect CORS settings can allow malicious third-party domains to access sensitive user data, potentially leading to data theft or cross-site request forgery (CSRF) attacks.

CORS Security Policy Validator

Name: CORS Security Policy Validator
Author: jeremylongshore

byjeremylongshore

•

983

Seguridad y Pruebas

Analyzes and validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure compliance with industry best practices.

Acerca de

The CORS Security Policy Validator skill empowers Claude to perform automated audits of CORS configurations across web applications and API endpoints. By analyzing policy files or fetching live headers from remote servers, the skill identifies dangerous misconfigurations—such as wildcard origins, insecure credential handling, or excessive header permissions—and provides detailed remediation reports. It is an essential tool for developers and security engineers looking to harden their web infrastructure against cross-origin attacks and ensure alignment with standards like OWASP and PCI-DSS.

Características Principales

Comprehensive vulnerability reporting with severity rankings
Deep scanning of static CORS configuration files
Detection of high-risk settings like wildcard origins
983 GitHub stars
Automated CORS header analysis for live API endpoints
Actionable remediation recommendations and code examples

Casos de Uso

Auditing a web application's CORS policy before a production deployment
Identifying regression issues in CORS configurations during development
Verifying the security headers of public-facing API endpoints

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills validating-cors-policies

For use in Claude.ai and ChatGPT

Download Skill

GitHub