Does it handle data encryption requirements?

The skill guides the implementation of industry-standard encryption for both transport layer security (TLS) and the protection of sensitive data at rest.

How does this skill help with OWASP compliance?

It analyzes your codebase against common patterns identified in the OWASP Top 10, such as SQL injection and broken access control, providing specific remediation steps.

Is this skill limited to specific programming languages?

While it focuses on API patterns, its security principles and vulnerability detection capabilities apply across most modern backend languages and frameworks.

Can it help implement complex authentication flows?

Yes, it provides implementation patterns and best practices for strong authentication protocols including OAuth2, OpenID Connect, and secure JWT validation.

How does it improve input handling?

It enforces strict schema validation and parameterized queries to ensure all external data is treated as untrusted, preventing injection attacks.

API Security Guardian

Name: API Security Guardian
Author: pointware

bypointware

0•

セキュリティとテスト

Protects your applications by identifying vulnerabilities, enforcing OWASP standards, and implementing robust API security patterns.

The API Security Guardian skill equips Claude with specialized expertise in modern cybersecurity, focusing on the protection of REST, GraphQL, and backend services. It enables Claude to systematically audit codebases for security risks such as injection vulnerabilities, broken access control, and improper authentication. By applying the principle of least privilege and defense-in-depth strategies, this skill helps developers remediate threats, implement secure OAuth2/JWT flows, and ensure compliance with industry best practices like the OWASP Top 10, resulting in more resilient and trustworthy software.

主な機能

01Secure implementation of OAuth2, JWT, and multi-factor authentication

02Strict input validation and output sanitization to prevent injection and XSS

030 GitHub stars

04Guidance on encryption best practices for data at rest and in transit

05Security-focused code audits for identifying logic flaws and data leaks

06Automated vulnerability detection based on OWASP Top 10 standards

ユースケース

01Implementing a zero-trust authorization model for sensitive backend endpoints

02Auditing an existing API for common security vulnerabilities and logic flaws

03Refactoring legacy authentication systems to follow modern security standards

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add pointware/custom-marketplace security

For use in Claude.ai and ChatGPT

Download Skill