Is it compatible with specific frameworks?

The patterns are demonstrated in TypeScript and JavaScript (often using Next.js, Supabase, or Express), but the security principles and implementation logic can be adapted to most modern web stacks.

Does this skill handle sensitive data directly?

No, the skill provides patterns and code structures for you to implement; it helps you write code that manages secrets securely via environment variables and proper hashing rather than hardcoding them.

Which authentication methods are supported?

It includes patterns for modern authentication workflows including JWT tokens with httpOnly cookies, Multi-Factor Authentication (MFA), and secure password hashing.

Can it help prevent XSS and SQL injection?

Yes, it provides specific implementation patterns for parameterized queries, schema-based validation with Zod, and HTML sanitization using DOMPurify to mitigate these attacks.

Security Best Practices & Patterns

Name: Security Best Practices & Patterns
Author: mnthe

bymnthe

•

Seguridad y Pruebas

Implements production-grade security patterns and OWASP best practices for authentication, input validation, and data protection.

This skill equips Claude with specialized knowledge of the OWASP Top 10 and modern web security patterns, enabling it to write secure-by-default code. It provides battle-tested implementations for robust authentication (JWT, MFA), schema-based input validation with Zod, secure database interactions, and proper environment variable management. By using this skill, developers can proactively mitigate common vulnerabilities like SQL injection, broken access control, and insecure design while building scalable, production-ready applications with industry-standard safeguards.

Características Principales

01OWASP Top 10 mitigation strategies including protection against injection and broken access control

02Schema-based input and file upload validation using Zod

03Secure password hashing and verification implementation using bcrypt or Argon2

04Secure authentication patterns including MFA and httpOnly JWT cookie handling

052 GitHub stars

06Infrastructure-level security patterns for rate limiting and HTTP security headers

Casos de Uso

01Building secure authentication and authorization systems for web applications

02Implementing Row Level Security (RLS) and Role-Based Access Control (RBAC)

03Sanitizing user input and file uploads to prevent XSS and injection attacks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mnthe/hardworker-marketplace security-patterns

For use in Claude.ai and ChatGPT

Download Skill