Can this skill help with authentication setup?

Yes, it provides implementation guidance for secure session management, OAuth protocols, and multi-factor authentication (MFA).

Is this skill specific to a certain programming language?

No, the security principles and checks provided apply across all modern programming languages and web frameworks.

Does it manage sensitive API keys or secrets?

It enforces the best practice of never storing sensitive data in version control and suggests secure storage methods like environment variables or secret managers.

How does the security skill help identify vulnerabilities?

The skill analyzes code for common risks like SQL injection, XSS, and broken access control, suggesting immediate secure alternatives and best practices.

Security & Secure Coding

Name: Security & Secure Coding
Author: OpenHands

byOpenHands

•

セキュリティとテスト

Implements industry-standard security protocols and best practices for secure application development and data protection.

The Security skill for Claude Code acts as a specialized guardrail and advisor for building resilient, production-ready software. It focuses on identifying vulnerabilities early, enforcing robust authentication and authorization patterns, and ensuring the principle of least privilege is applied across the codebase. By integrating these practices, the skill helps developers secure sensitive data, sanitize inputs to prevent injection attacks, and manage sessions securely, making it an essential tool for any project handling user data or external API integrations.

主な機能

01Guidance on secure session management and credential handling

02Automated security vulnerability identification and inline remediation

03Implementation of secure authentication and authorization patterns

04Best practices for error handling to prevent sensitive data leakage

05Input validation and data sanitization to prevent injection attacks

0640 GitHub stars

ユースケース

01Conducting security reviews of new features before merging into production

02Hardening API endpoints and securing database connection configurations

03Implementing complex permission-based access control (RBAC) systems

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add openhands/skills security

For use in Claude.ai and ChatGPT

Download Skill