How does it help prevent SQL injection?

The skill enforces the use of Spring Data repositories and parameterized queries, discouraging unsafe string concatenation in database calls.

Does this skill support JWT and OAuth2?

Yes, it provides implementation patterns for stateless JWT authentication and resource server configurations using OAuth2.

Can it assist with secrets management?

Yes, it provides guidance on externalizing secrets via environment variables or integrating directly with Spring Cloud Vault.

Does it include rate limiting configurations?

It includes patterns for applying Bucket4j or gateway-level limits to protect your endpoints from bursts and brute-force attacks.

Is it compatible with modern Spring Boot versions?

The skill is designed around modern Spring Security conventions, including the SecurityFilterChain bean and @EnableMethodSecurity.

Spring Boot Security Review

Name: Spring Boot Security Review
Author: Fabio29T

byFabio29T

0•

Seguridad y Pruebas

Reviews and implements Spring Security best practices for authentication, authorization, and data protection in Java applications.

This skill provides comprehensive guidance for securing Spring Boot services by enforcing industry-standard security patterns and defensive coding practices. It assists developers in implementing robust authentication flows using JWT or OAuth2, fine-grained method-level authorization, and essential protections such as CSRF mitigation, secure HTTP headers, and SQL injection prevention. Whether you are configuring secrets management with Vault or setting up rate limiting with Bucket4j, this skill ensures your Java backend is resilient against common vulnerabilities and compliant with modern security standards.

Características Principales

01Configures method-level authorization and role-based access control

02Integrates secrets management and dependency security scanning

03Sets up secure HTTP headers, CORS policies, and CSRF protection

04Automates input validation and SQL injection prevention

050 GitHub stars

06Implements stateless JWT and OAuth2 authentication patterns

Casos de Uso

01Configuring rate limiting and brute-force protection for public endpoints

02Hardening a REST API with stateless JWT-based authentication

03Securing sensitive database operations with parameterized queries and Vault

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fabio29t/everything-claude springboot-security

For use in Claude.ai and ChatGPT

Características Principales

01Configures method-level authorization and role-based access control

02Integrates secrets management and dependency security scanning

03Sets up secure HTTP headers, CORS policies, and CSRF protection

04Automates input validation and SQL injection prevention

050 GitHub stars

06Implements stateless JWT and OAuth2 authentication patterns

Casos de Uso

01Configuring rate limiting and brute-force protection for public endpoints

02Hardening a REST API with stateless JWT-based authentication

03Securing sensitive database operations with parameterized queries and Vault

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fabio29t/everything-claude springboot-security

For use in Claude.ai and ChatGPT