Does this skill support GraphQL and WebSockets?

Yes, the skill provides specific security design patterns and best practices for REST, GraphQL, and WebSocket communication protocols.

Is it compatible with major frameworks like Express or Fastify?

Yes, the skill provides implementation examples and middleware patterns that can be adapted to any major Node.js framework.

Can it help me implement multi-factor authentication (MFA)?

Yes, it includes guidance on setting up secure MFA flows and session management to enhance user account security.

How does this skill prevent SQL injection?

It guides you in using parameterized queries, secure ORM patterns, and strict input schema validation to ensure malicious payloads are never executed.

API Security Best Practices

Name: API Security Best Practices
Author: claudiodearaujo

byclaudiodearaujo

セキュリティとテスト

Implements industry-standard security patterns to protect API endpoints against unauthorized access and common web vulnerabilities.

概要

The API Security Best Practices skill empowers developers to build resilient backend services by integrating defense-in-depth strategies. It provides specialized guidance on implementing robust authentication flows using JWT and OAuth 2.0, enforcing role-based access control (RBAC), and sanitizing inputs to neutralize injection attacks. By covering critical areas like rate limiting, sensitive data encryption, and OWASP Top 10 mitigation, this skill ensures your REST, GraphQL, and WebSocket APIs are prepared for production-grade security audits and real-world threats.

主な機能

Data-at-rest and data-in-transit encryption implementation
API security testing and OWASP Top 10 vulnerability mitigation
Comprehensive authentication and authorization (JWT, OAuth 2.0, RBAC)
0 GitHub stars
Configurable rate limiting and throttling to prevent service abuse
Defensive input validation and sanitization using Zod and ORMs

ユースケース

Implementing token-based authentication and refresh token rotation
Securing sensitive user data and financial transactions in cloud APIs
Hardening existing endpoints against SQL injection and XSS attacks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front api-security-best-practices

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要