How does the Security Review skill help prevent SQL injection?

The skill enforces the use of parameterized queries and ORM best practices, providing clear examples and verification steps to prohibit dangerous string concatenation in database calls.

Does it support blockchain-specific security?

Yes, it provides specialized verification steps for Solana wallet ownership and transaction validation to ensure secure interactions in Web3 environments.

How do I use the pre-deployment checklist?

The skill provides a 17-point pre-deployment checklist covering everything from HTTPS enforcement and CSP headers to Row Level Security (RLS) and dependency audits.

Can this skill help with sensitive data exposure in logs?

Yes, it includes specific guidelines and verification steps to identify and redact sensitive information like passwords, credit card numbers, and API keys from console logs and error messages.

Security Review

Name: Security Review
Author: affaan-m

byaffaan-m

•

172,651

•

セキュリティとテスト

Enforces rigorous security protocols and audits code for vulnerabilities across authentication, data handling, and API development.

The Security Review skill provides a comprehensive framework for ensuring codebases adhere to modern security standards and best practices. It guides developers through critical checkpoints including secrets management, input validation via Zod, SQL injection prevention, and secure authentication flows. By offering standardized 'Pass/Fail' code patterns and automated testing templates, this skill helps mitigate common vulnerabilities like XSS, CSRF, and sensitive data exposure, making it an essential tool for building production-ready, hardened applications with Claude Code.

主な機能

01Prevention strategies for SQL Injection, XSS, and CSRF vulnerabilities

02Automated security checklists for pre-deployment verification

03172,651 GitHub stars

04Specialized security checks for blockchain and Solana transaction verification

05Standardized input validation patterns using Zod and schema enforcement

06Secrets management protocols to prevent hardcoded credentials

ユースケース

01Auditing new API endpoints for input validation and rate limiting

02Implementing secure authentication and JWT token handling using httpOnly cookies

03Conducting a comprehensive pre-production security audit for full-stack applications

主な機能

01Prevention strategies for SQL Injection, XSS, and CSRF vulnerabilities

02Automated security checklists for pre-deployment verification

03172,651 GitHub stars

04Specialized security checks for blockchain and Solana transaction verification

05Standardized input validation patterns using Zod and schema enforcement

06Secrets management protocols to prevent hardcoded credentials

ユースケース

01Auditing new API endpoints for input validation and rate limiting

02Implementing secure authentication and JWT token handling using httpOnly cookies

03Conducting a comprehensive pre-production security audit for full-stack applications