How does Secure Code Guardian prevent SQL injection?

It enforces the use of parameterized queries and strict input validation to ensure user-supplied data is never executed as part of a database command.

Can it help with OAuth and JWT implementation?

Yes, it provides standard-compliant patterns for implementing OAuth 2.0, OpenID Connect, and secure JWT handling including proper signing and expiration.

When should I invoke the Secure Code Guardian skill?

You should use it whenever you are handling user authentication, storing sensitive data, processing external inputs, or preparing a production release.

Does it support modern password hashing?

Absolutely, the skill mandates the use of strong, slow algorithms like bcrypt or Argon2 and strictly prohibits plaintext storage or weak hashes like MD5.

Secure Code Guardian

Name: Secure Code Guardian
Author: franroa

byfranroa

보안 및 테스팅

Secures applications by implementing robust authentication, authorization, and defense-in-depth coding practices to prevent vulnerabilities.

소개

Secure Code Guardian acts as a senior security engineer within your Claude Code environment, specialized in identifying attack surfaces and implementing defensive controls. It provides expert guidance on OWASP Top 10 prevention, secure input handling, and modern encryption standards like Argon2 or bcrypt. Whether you are building an OAuth workflow, securing sensitive API endpoints, or hardening existing infrastructure, this skill ensures your implementation follows industry-standard security protocols and avoids common pitfalls like hardcoded secrets or SQL injection.

주요 기능

0 GitHub stars
Automated security header configuration and rate-limiting strategies
OWASP Top 10 vulnerability prevention and mitigation
Secure authentication and authorization workflows (JWT, OAuth 2.0, OIDC)
Input validation and sanitization using modern libraries
Implementation of industry-standard encryption and password hashing

사용 사례

Implementing a secure password reset flow with encrypted tokens
Hardening an API with security headers, CORS policies, and rate limiting
Refactoring legacy database queries to use parameterized statements

소개

주요 기능

0 GitHub stars
Automated security header configuration and rate-limiting strategies
OWASP Top 10 vulnerability prevention and mitigation
Secure authentication and authorization workflows (JWT, OAuth 2.0, OIDC)
Input validation and sanitization using modern libraries
Implementation of industry-standard encryption and password hashing

사용 사례

Implementing a secure password reset flow with encrypted tokens
Hardening an API with security headers, CORS policies, and rate limiting
Refactoring legacy database queries to use parameterized statements