How does this handle sensitive secrets?

The skill promotes security best practices by ensuring secrets are never committed to source control, recommending the use of environment variables or external vaults.

Can I use this skill to prevent SQL injection?

Absolutely. The skill enforces the use of Spring Data repositories and parameterized queries, explicitly advising against string concatenation in native queries.

Does this skill help with JWT implementation?

Yes, it provides specific implementation patterns for stateless JWT authentication using OncePerRequestFilter and JwtService.

Does it provide guidance on security headers?

Yes, it includes standardized configurations for Content Security Policy (CSP), XSS protection, and frame options to harden your application's HTTP responses.

Spring Boot Security Expert

Name: Spring Boot Security Expert
Author: affaan-m

byaffaan-m

•

43,117

보안 및 테스팅

Implements industry-standard security best practices for Java Spring Boot applications, covering authentication, authorization, and vulnerability prevention.

소개

The Spring Boot Security skill empowers Claude to act as a specialized security auditor and implementation guide for Java backend services. It provides domain-specific patterns for stateless JWT authentication, role-based access control (RBAC), and robust input validation. By integrating this skill, developers can ensure their Spring Boot services are hardened against common vulnerabilities like SQL injection and CSRF, while maintaining secure configuration for headers, secrets management, and rate limiting.

주요 기능

Method-level authorization guidance using Spring Security expressions
43,117 GitHub stars
Implementation patterns for stateless JWT and secure cookie authentication
Pre-release security checklist for production-ready services
Automated security header configuration including CSP and HSTS
Comprehensive vulnerability prevention for SQLi and CSRF

사용 사례

Hardening REST API endpoints with role-based access control
Configuring secure secrets management and environment-based properties
Auditing existing Spring Boot codebases for OWASP security gaps

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add affaan-m/everything-claude-code springboot-security

For use in Claude.ai and ChatGPT

Download Skill

GitHub

소개