What types of CORS configurations can this skill analyze?

This skill can analyze live HTTP response headers from a specific URL or examine static configuration files such as JSON and policy documents.

Can it help prevent security breaches?

Yes, it identifies risky settings like overly permissive access origins or improper credential handling that could lead to unauthorized data access.

How do I use this skill with a local file?

Simply ask Claude to 'validate the CORS policy in [filename]', and the skill will read the file and provide a detailed vulnerability report.

Is this skill useful for API developers?

Absolutely. It ensures that your backend services are correctly configured to only accept requests from authorized domains.

Does it support checking live URLs?

Yes, by providing an API endpoint URL, the skill will fetch the actual headers and analyze them for security compliance.

CORS Policy Validator

Name: CORS Policy Validator
Author: jeremylongshore

byjeremylongshore

•

884

•

セキュリティとテスト

Validates Cross-Origin Resource Sharing (CORS) configurations to identify security vulnerabilities and ensure compliance with web security best practices.

The CORS Policy Validator skill empowers Claude to perform automated security audits on your web application's CORS settings. By analyzing live HTTP headers or local configuration files, it detects common misconfigurations such as overly permissive origins, insecure wildcard usage, and credential exposure. This skill is indispensable for developers and security professionals looking to harden their API endpoints and prevent unauthorized cross-origin data access during the development and deployment lifecycle.

主な機能

01Static CORS configuration file validation

02Live API endpoint header analysis

03884 GitHub stars

04Identification of insecure wildcard and null origin patterns

05Automated reporting of security vulnerabilities

06Verification of allowed methods, headers, and credentials

ユースケース

01Validating local JSON or XML CORS policy files during development

02Auditing production API endpoints for CORS security compliance

03Identifying potential data leak risks in cross-origin configurations

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills cors-policy-validator

For use in Claude.ai and ChatGPT

主な機能

01Static CORS configuration file validation

02Live API endpoint header analysis

03884 GitHub stars

04Identification of insecure wildcard and null origin patterns

05Automated reporting of security vulnerabilities

06Verification of allowed methods, headers, and credentials

ユースケース

01Validating local JSON or XML CORS policy files during development

02Auditing production API endpoints for CORS security compliance

03Identifying potential data leak risks in cross-origin configurations

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills cors-policy-validator

For use in Claude.ai and ChatGPT