How does this skill prevent SQL injection in Django?

The skill promotes the use of Django's ORM which automatically escapes parameters and provides patterns for safe raw SQL execution using parameterized queries instead of string interpolation.

Does it support custom user models?

Yes, it includes implementation patterns for custom user models, which is a recommended best practice for modern Django applications to allow for better security and flexibility.

Can it help with Django Rest Framework (DRF) security?

Yes, it includes patterns for API-specific security such as rate limiting (throttling), custom permission classes, and secure cross-origin resource sharing.

What production settings does it help configure?

It provides a comprehensive checklist for production, including disabling DEBUG mode, forcing HTTPS via SECURE_SSL_REDIRECT, and setting HSTS and secure cookie flags.

Django Security Best Practices

Name: Django Security Best Practices
Author: Fabio29T

byFabio29T

0•

セキュリティとテスト

Implements comprehensive security configurations and defensive coding patterns for Django applications to prevent common vulnerabilities.

The Django Security skill equips Claude with specialized expertise to audit, harden, and secure Django web applications. It provides detailed guidance on establishing production-ready settings, implementing robust authentication and Role-Based Access Control (RBAC), and defending against the OWASP Top 10, including SQL injection, XSS, and CSRF. Useful for both greenfield development and legacy code audits, this skill ensures that security is baked into the application architecture through secure cookie management, password hashing, and safe file handling procedures.

主な機能

01Defensive patterns against SQL injection, Cross-Site Scripting (XSS), and CSRF

02Granular Role-Based Access Control (RBAC) and custom permission logic

03Secure file upload validation and API rate limiting strategies

04Production-hardened settings configuration including SSL, HSTS, and secure cookies

050 GitHub stars

06Secure authentication patterns using custom user models and Argon2 hashing

ユースケース

01Building complex multi-tenant permission systems and user roles

02Refactoring legacy Django code to resolve security vulnerabilities

03Preparing a Django application for production deployment with a security audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fabio29t/everything-claude django-security

For use in Claude.ai and ChatGPT

主な機能

01Defensive patterns against SQL injection, Cross-Site Scripting (XSS), and CSRF

02Granular Role-Based Access Control (RBAC) and custom permission logic

03Secure file upload validation and API rate limiting strategies

04Production-hardened settings configuration including SSL, HSTS, and secure cookies

050 GitHub stars

06Secure authentication patterns using custom user models and Argon2 hashing

ユースケース

01Building complex multi-tenant permission systems and user roles

02Refactoring legacy Django code to resolve security vulnerabilities

03Preparing a Django application for production deployment with a security audit

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add fabio29t/everything-claude django-security

For use in Claude.ai and ChatGPT