How does this skill prevent SQL injection?

The skill enforces the use of parameterized queries and modern ORM patterns while specifically flagging dangerous string concatenation in database interactions.

When should I activate the Security Review skill?

Activate this skill whenever you are implementing authentication, handling user-provided data, creating new API routes, or preparing for a production release.

Can it help with secrets management?

Yes, it identifies hardcoded API keys and passwords, ensuring all sensitive credentials are moved to environment variables and correctly ignored by version control.

Does it support blockchain security?

It includes specific patterns for Solana, such as wallet ownership verification and transaction validation to prevent blind signing and unauthorized transfers.

Security Review Specialist

Name: Security Review Specialist
Author: Aventerica89

byAventerica89

0•

보안 및 테스팅

Audits source code for vulnerabilities and enforces industry-standard security patterns for authentication, data handling, and infrastructure.

The Security Review skill serves as a comprehensive security layer for Claude Code, designed to protect applications from common vulnerabilities and architectural flaws. It provides automated guidance on critical security domains including secrets management, input validation with Zod, SQL injection prevention, and secure authentication flows. By implementing structured checklists for XSS, CSRF, and rate limiting, this skill ensures that developers follow OWASP best practices during the development lifecycle. It also includes specialized modules for blockchain security and dependency auditing, making it an essential tool for building production-ready, resilient software.

주요 기능

01Robust input validation and file upload sanitization using Zod and DOMPurify

020 GitHub stars

03Automated detection and mitigation patterns for SQL injection and XSS

04Specialized security verification for Solana blockchain transactions and wallets

05Comprehensive security checklists for authentication and authorization workflows

06Secure secrets management and environment variable configuration guidance

사용 사례

01Preparing applications for production with pre-deployment security checklists

02Securing API endpoints and implementing role-based access control (RBAC)

03Auditing legacy codebases for hardcoded secrets and unvalidated user inputs

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add aventerica89/bricks-builder-agent security-review

For use in Claude.ai and ChatGPT

주요 기능

01Robust input validation and file upload sanitization using Zod and DOMPurify

020 GitHub stars

03Automated detection and mitigation patterns for SQL injection and XSS

04Specialized security verification for Solana blockchain transactions and wallets

05Comprehensive security checklists for authentication and authorization workflows

06Secure secrets management and environment variable configuration guidance

사용 사례

01Preparing applications for production with pre-deployment security checklists

02Securing API endpoints and implementing role-based access control (RBAC)

03Auditing legacy codebases for hardcoded secrets and unvalidated user inputs