Can I use this for OWASP compliance checks?

Absolutely. It provides a detailed checklist mapped to the OWASP Top 10, covering broken access control, injection, and insecure design.

Is this skill specific to a certain database ORM?

While the provided patterns are optimized for Prisma and Row Level Security (RLS), the general audit logic and security checklists apply to any TypeScript-based backend.

Does this skill help with credential scanning?

Yes, it includes automated scanning commands to detect hardcoded secrets, API keys, and potential credential leaks in your TypeScript and environment files.

How does this skill detect RLS bypasses?

The skill uses specific grep-based patterns to identify direct database calls that bypass the required security context wrappers like withUserContext or withAdminContext.

Does it support automated vulnerability scanning?

Yes, it integrates standard security commands like npm audit and yarn audit to check for high and critical vulnerabilities in your project dependencies.

Security Audit & RLS Validation

Name: Security Audit & RLS Validation
Author: bybren-llc

bybybren-llc

•

보안 및 테스팅

Enforces application safety by validating Row Level Security (RLS) policies, auditing authentication routes, and performing automated vulnerability scanning.

소개

This skill provides a comprehensive security-first framework for Claude Code, enabling the detection and prevention of common vulnerabilities such as broken access control, exposed credentials, and SQL injection. By implementing standardized RLS context wrappers and OWASP compliance checks, it ensures that AI agents develop code within strict security guardrails. It streamlines the auditing process for authentication flows, dependency health, and secure database access patterns, making it an essential tool for production-grade agentic development.

주요 기능

OWASP Top 10 compliance mapping and standardized checklists
Authentication and authorization auditing for API routes
Pre-deployment security review reporting and vulnerability detection
Hardcoded credential and secret scanning for client/server code
Automated RLS bypass detection for Prisma and database operations
19 GitHub stars

사용 사례

Performing a comprehensive security audit before deploying new features to production
Validating database isolation to ensure users cannot access unauthorized data
Automating dependency vulnerability checks using npm and yarn audit

소개

주요 기능

OWASP Top 10 compliance mapping and standardized checklists
Authentication and authorization auditing for API routes
Pre-deployment security review reporting and vulnerability detection
Hardcoded credential and secret scanning for client/server code
Automated RLS bypass detection for Prisma and database operations
19 GitHub stars

사용 사례

Performing a comprehensive security audit before deploying new features to production
Validating database isolation to ensure users cannot access unauthorized data
Automating dependency vulnerability checks using npm and yarn audit