What are the SACROSANCT rules in this skill?

They are non-negotiable security protocols that strictly forbid storing actual credentials in version control or frontend code, requiring the use of environment variables and server-side proxies.

Can I use this for OWASP compliance?

Yes, the skill includes detailed references and mitigation strategies specifically designed to address the OWASP Top 10 most critical web application security risks.

Does it help with SQL injection and XSS?

Yes, it provides code patterns for using parameterized queries and secure output encoding to ensure user input cannot be executed as malicious code.

How does this skill prevent credential exposure?

It enforces the Backend Proxy pattern, ensuring all API secrets remain exclusively on the server and are never accessible by the client-side application bundle.

Pact Security Patterns

Name: Pact Security Patterns
Author: ProfSynapse

byProfSynapse

•

보안 및 테스팅

Enforces non-negotiable security protocols and threat mitigation patterns to protect applications from vulnerabilities and credential leaks.

The Pact Security Patterns skill provides a comprehensive framework for implementing robust security within the PACT development ecosystem. It focuses on 'SACROSANCT' rules that eliminate credential exposure through strict environment variable management and the enforcement of the Backend Proxy pattern. By providing standardized implementation guides for input validation, SQL injection prevention, secure authentication, and defensive HTTP headers, it ensures that Claude-assisted development meets modern industry standards and mitigates OWASP Top 10 risks.

주요 기능

01SACROSANCT rules for absolute credential protection and zero-leakage policies.

02Standardized input validation and output encoding patterns to mitigate XSS.

03Pre-configured security headers and rate-limiting patterns for Express.js and React.

0436 GitHub stars

05Backend Proxy pattern implementation to prevent frontend credential exposure.

06Parameterized query templates to prevent SQL injection vulnerabilities.

사용 사례

01Implementing secure authentication and authorization flows in web applications.

02Configuring production-grade security headers to protect against common web attacks.

03Conducting automated security audits to detect hardcoded secrets or unsafe API patterns.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add profsynapse/pact-prompt pact-security-patterns

For use in Claude.ai and ChatGPT

Download Skill