Analyzes web applications to identify and remediate Cross-Site Request Forgery vulnerabilities by validating security tokens, cookie attributes, and origin policies.
The CSRF Protection Validator skill empowers Claude to perform automated security audits focused on Cross-Site Request Forgery (CSRF), ensuring web applications are resilient against unauthorized command execution. It systematically scans application endpoints, evaluates the implementation of synchronizer tokens and double-submit cookies, and checks SameSite attribute configurations to provide a comprehensive risk assessment. By generating detailed vulnerability reports with actionable remediation steps, it helps developers harden their security posture and protect sensitive user data from session-based attacks.
Key Features
01 Detailed security reporting with remediation recommendations
02 Origin and referrer validation checking
03 Analysis of SameSite cookie attribute configurations
04 884 GitHub stars
05 Automated endpoint vulnerability scanning
06 Validation of CSRF synchronizer tokens and double-submit cookies
Use Cases
01 Verifying the correct implementation of SameSite cookie policies across a modern web stack.
02 Auditing a legacy web application for missing CSRF protection on sensitive API endpoints.
03 Generating a comprehensive security report for compliance or peer review during the development lifecycle.