Is it compatible with both frontend and backend development?

Yes, it covers the full stack, from frontend Content Security Policies (CSP) to backend database query parameterization.

Does this skill help with OWASP Top 10 compliance?

Yes, it specifically provides patterns and implementations to prevent vulnerabilities like SQL injection, XSS, and broken access control.

Does it provide code for password hashing?

Yes, the skill enforces the use of strong hashing algorithms like Argon2 or bcrypt and strictly prohibits plaintext password storage.

Can it help me set up OAuth or JWT authentication?

Absolutely. It supports industry best practices for JWT, OAuth 2.0, and OIDC, including secure token storage and validation.

Can it review my existing code for security flaws?

While its primary focus is implementation, you can invoke it to audit code blocks and suggest hardening measures such as rate limiting and security headers.

Secure Code Guardian

Name: Secure Code Guardian
Author: Jeffallan

byJeffallan

•

Security & Testing

Secures applications by implementing defensive coding patterns, robust authentication, and OWASP-compliant vulnerability prevention.

Secure Code Guardian acts as a senior security engineer within Claude Code, providing expert guidance on hardening applications against modern threats. It specialized in the implementation of complex security controls like JWT authentication, password hashing with Argon2, and parameterized queries to prevent SQL injection. Whether you are building an identity system from scratch or auditing existing endpoints for OWASP Top 10 vulnerabilities, this skill ensures your codebase follows industry-best defense-in-depth strategies and maintains a high security posture.

Key Features

017 GitHub stars

02Modern encryption standards and secure session management

03Robust authentication and authorization (JWT, OAuth 2.0, OIDC)

04Automated security header configuration and rate limiting

05OWASP Top 10 vulnerability mitigation and prevention patterns

06Secure input validation and data sanitization implementations

Use Cases

01Building a secure user authentication system with salted password hashing

02Hardening API endpoints against XSS, CSRF, and SQL injection

03Implementing secure data storage and communication using modern encryption

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeffallan/claude-skills secure-code-guardian

For use in Claude.ai and ChatGPT

Download Skill