What XSS protections are included?

The skill covers safe template escaping, proper use of mark_safe vs format_html, and configuring Content Security Policy (CSP) headers.

How does this skill prevent SQL injection in Django?

The skill provides patterns for using the Django ORM's built-in protection and demonstrates how to properly parameterize raw SQL queries to prevent malicious input execution.

Does it support custom user models and authentication?

Absolutely. It provides code for implementing AbstractUser models with email-based login and high-entropy password hashing like Argon2.

Can this skill help with production deployment hardening?

Yes, it includes templates for essential production settings including SECURE_SSL_REDIRECT, HSTS, secure cookies, and X-Frame-Options.

Django Security Best Practices

Name: Django Security Best Practices
Author: affaan-m

byaffaan-m

•

43,117

セキュリティとテスト

Secures Django applications by implementing robust authentication, authorization, and protection against common web vulnerabilities.

概要

This Claude Code skill provides comprehensive guidance for hardening Django web applications against modern security threats. It offers production-ready configuration templates, custom user model patterns, and advanced Role-Based Access Control (RBAC) implementations. By integrating this skill, developers can automatically apply battle-tested defenses against SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), while ensuring that production settings for SSL, cookies, and security headers meet industry standards.

主な機能

Granular Role-Based Access Control (RBAC) and object-level permissions
Automated patterns for SQL injection and XSS prevention
Custom user models with email authentication and Argon2/BCrypt hashing
43,117 GitHub stars
Production-hardened settings and security header configurations
Secure file upload validation and API rate limiting strategies

ユースケース

Auditing and remediating security vulnerabilities in legacy Django projects
Preparing a Django application for production deployment
Implementing complex multi-role authorization systems

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add affaan-m/everything-claude-code django-security

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要