How does Secure Code Guardian prevent SQL injection?

It enforces the use of parameterized queries and strict input validation to ensure user-supplied data is never executed as part of a database command.

Can it help with OAuth and JWT implementation?

Yes, it provides standard-compliant patterns for implementing OAuth 2.0, OpenID Connect, and secure JWT handling including proper signing and expiration.

When should I invoke the Secure Code Guardian skill?

You should use it whenever you are handling user authentication, storing sensitive data, processing external inputs, or preparing a production release.

Does it support modern password hashing?

Absolutely, the skill mandates the use of strong, slow algorithms like bcrypt or Argon2 and strictly prohibits plaintext storage or weak hashes like MD5.

Secure Code Guardian

Name: Secure Code Guardian
Author: franroa

byfranroa

0•

보안 및 테스팅

Secures applications by implementing robust authentication, authorization, and defense-in-depth coding practices to prevent vulnerabilities.

Secure Code Guardian acts as a senior security engineer within your Claude Code environment, specialized in identifying attack surfaces and implementing defensive controls. It provides expert guidance on OWASP Top 10 prevention, secure input handling, and modern encryption standards like Argon2 or bcrypt. Whether you are building an OAuth workflow, securing sensitive API endpoints, or hardening existing infrastructure, this skill ensures your implementation follows industry-standard security protocols and avoids common pitfalls like hardcoded secrets or SQL injection.

주요 기능

010 GitHub stars

02Automated security header configuration and rate-limiting strategies

03OWASP Top 10 vulnerability prevention and mitigation

04Secure authentication and authorization workflows (JWT, OAuth 2.0, OIDC)

05Input validation and sanitization using modern libraries

06Implementation of industry-standard encryption and password hashing

사용 사례

01Implementing a secure password reset flow with encrypted tokens

02Hardening an API with security headers, CORS policies, and rate limiting

03Refactoring legacy database queries to use parameterized statements

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add franroa/chezmoi secure-code-guardian

For use in Claude.ai and ChatGPT

Download Skill