What authentication methods are covered?

The skill covers JWT (JSON Web Tokens), OAuth 2.0, API keys, session management, and multi-factor authentication (MFA).

Can it help prevent SQL Injection?

Absolutely. It provides specific patterns for parameterized queries, safe ORM usage, and rigorous input validation schemas using tools like Zod.

Does this skill support different API styles?

Yes, it provides security guidance and implementation patterns for REST, GraphQL, and WebSocket architectures.

How does it handle rate limiting?

It provides implementation strategies for per-user or per-IP rate limiting and throttling to protect your infrastructure from DDoS attacks and API abuse.

API Security Best Practices

Name: API Security Best Practices
Author: claudiodearaujo

byclaudiodearaujo

0•

セキュリティとテスト

Implements robust security patterns for APIs, including authentication, authorization, input validation, and protection against common vulnerabilities.

The API Security Best Practices skill empowers developers to build and maintain secure API ecosystems by providing expert guidance on critical security implementations. It covers industry-standard authentication methods like JWT and OAuth 2.0, rigorous input validation using schemas and parameterized queries, and proactive defenses against DDoS through rate limiting. Whether you are designing a new RESTful service or auditing an existing GraphQL endpoint, this skill ensures your backend services adhere to the OWASP API Security Top 10 while maintaining high standards for data protection and access control.

主な機能

01Security testing and audit preparation based on OWASP API Security standards

02Advanced rate limiting and throttling strategies to mitigate abuse and DDoS

03Input validation and sanitization to prevent injection attacks like SQLi and XSS

040 GitHub stars

05Data protection techniques including transit encryption and secure error handling

06Comprehensive authentication and authorization patterns (JWT, OAuth 2.0, RBAC)

ユースケース

01Hardening existing endpoints against sophisticated injection and brute-force attacks

02Securing a new REST, GraphQL, or WebSocket API from the design phase

03Conducting an automated API security review prior to production deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front api-security-best-practices

For use in Claude.ai and ChatGPT

Download Skill

主な機能

01Security testing and audit preparation based on OWASP API Security standards

02Advanced rate limiting and throttling strategies to mitigate abuse and DDoS

03Input validation and sanitization to prevent injection attacks like SQLi and XSS

040 GitHub stars

05Data protection techniques including transit encryption and secure error handling

06Comprehensive authentication and authorization patterns (JWT, OAuth 2.0, RBAC)

ユースケース

01Hardening existing endpoints against sophisticated injection and brute-force attacks

02Securing a new REST, GraphQL, or WebSocket API from the design phase

03Conducting an automated API security review prior to production deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front api-security-best-practices

For use in Claude.ai and ChatGPT

Download Skill