Does it handle frontend and backend security differently?

Yes, the skill is designed to identify both frontend and backend frameworks simultaneously to ensure comprehensive coverage across the entire application stack.

Can it automatically fix the security issues it finds?

Yes, after providing a report, you can request the skill to perform fixes one by one. It focuses on concise changes that maintain functional integrity while explaining the security rationale.

Which languages does this skill support?

This skill provides specialized security guidance and best practices for Python, JavaScript, TypeScript, and Go.

How does the skill report identified vulnerabilities?

It generates a detailed markdown report (security_best_practices_report.md) categorized by severity levels, including executive summaries and specific code line references.

Security Best Practices

Name: Security Best Practices
Author: payolajoker

bypayolajoker

0•

セキュリティとテスト

Conducts language-specific security reviews and implements secure-by-default coding patterns for Python, JavaScript, and Go projects.

The Security Best Practices skill empowers Claude to act as an automated security auditor and consultant within your development workflow. It identifies project frameworks to apply relevant security standards, identifies vulnerabilities in real-time, and generates detailed, prioritized markdown reports with actionable fixes. Whether you are starting a new project and need secure-by-default boilerplate or auditing an existing codebase for critical risks like insecure IDs or improper TLS configurations, this skill ensures your code meets industry security benchmarks without disrupting functional requirements or introducing regressions.

主な機能

01Real-time passive vulnerability detection during active development

02Step-by-step implementation of security fixes with regression testing awareness

03Language-specific security reviews for Python, JS/TS, and Go

04Automated generation of prioritized security reports with line-number references

05Guidance on secure data patterns like UUIDs and safe cookie management

060 GitHub stars

ユースケース

01Identifying and fixing high-impact vulnerabilities like predictable resource IDs or insecure session handling

02Generating a comprehensive security audit report for an existing web application codebase

03Ensuring new feature development follows secure-by-default patterns for specific frameworks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add payolajoker/ai-agent-setting security-best-practices

For use in Claude.ai and ChatGPT

Download Skill