Can this skill identify specific React security risks?

Yes, it specifically checks for React anti-patterns like 'dangerouslySetInnerHTML' and suggests safe alternatives for rendering user-generated content.

Is this skill suitable for both frontend and backend code?

Absolutely. It covers frontend concerns like XSS and CSP as well as backend issues like SQL injection, secure session management, and API authorization.

How does the Security Review skill help with OWASP compliance?

It provides a systematic checklist covering the OWASP Top 10, including injection prevention, broken access control, and sensitive data exposure, ensuring your code meets industry security standards.

Does it help with managing third-party package vulnerabilities?

The skill includes commands and workflows for auditing dependencies using tools like npm audit to identify and fix known security flaws in your libraries.

Can I use this for automated security checks in my workflow?

Yes, by integrating this skill into your Claude Code interactions, you can automate routine security reviews during the development process or before pull requests.

Security Review & Vulnerability Prevention

Name: Security Review & Vulnerability Prevention
Author: Mark393295827

byMark393295827

•

セキュリティとテスト

Conducts comprehensive security audits and vulnerability checks for web applications based on OWASP standards and modern best practices.

The Security Review skill empowers Claude to perform thorough security assessments of web application codebases. By leveraging the OWASP Top 10 framework, it systematically checks for critical vulnerabilities such as SQL injection, broken authentication, and cross-site scripting (XSS). Beyond general web security, it provides domain-specific guidance for React applications and helps manage dependency risks through automated audit commands. This skill is essential for developers looking to harden their applications, ensure data privacy, and maintain a secure software development lifecycle.

主な機能

01OWASP Top 10 vulnerability checklist implementation

02Automated dependency security auditing and remediation

03Best practices for sensitive data encryption and session management

041 GitHub stars

05React-specific security patterns and anti-pattern detection

06Secure configuration guidance for CORS and CSP headers

ユースケース

01Conducting a pre-deployment security audit on a new web feature

02Hardening a React frontend against Cross-Site Scripting (XSS) attacks

03Identifying and fixing vulnerable npm packages in the project dependency tree

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mark393295827/house-maint-ai security-review

For use in Claude.ai and ChatGPT

Download Skill