Is it compatible with both frontend and backend development?

Yes, it covers the full stack, from frontend Content Security Policies (CSP) to backend database query parameterization.

Does this skill help with OWASP Top 10 compliance?

Yes, it specifically provides patterns and implementations to prevent vulnerabilities like SQL injection, XSS, and broken access control.

Does it provide code for password hashing?

Yes, the skill enforces the use of strong hashing algorithms like Argon2 or bcrypt and strictly prohibits plaintext password storage.

Can it help me set up OAuth or JWT authentication?

Absolutely. It supports industry best practices for JWT, OAuth 2.0, and OIDC, including secure token storage and validation.

Can it review my existing code for security flaws?

While its primary focus is implementation, you can invoke it to audit code blocks and suggest hardening measures such as rate limiting and security headers.

Secure Code Guardian

Name: Secure Code Guardian
Author: Jeffallan

byJeffallan

•

Security & Testing

Secures applications by implementing defensive coding patterns, robust authentication, and OWASP-compliant vulnerability prevention.

About

Secure Code Guardian acts as a senior security engineer within Claude Code, providing expert guidance on hardening applications against modern threats. It specialized in the implementation of complex security controls like JWT authentication, password hashing with Argon2, and parameterized queries to prevent SQL injection. Whether you are building an identity system from scratch or auditing existing endpoints for OWASP Top 10 vulnerabilities, this skill ensures your codebase follows industry-best defense-in-depth strategies and maintains a high security posture.

Key Features

7 GitHub stars
Modern encryption standards and secure session management
Robust authentication and authorization (JWT, OAuth 2.0, OIDC)
Automated security header configuration and rate limiting
OWASP Top 10 vulnerability mitigation and prevention patterns
Secure input validation and data sanitization implementations

Use Cases

Building a secure user authentication system with salted password hashing
Hardening API endpoints against XSS, CSRF, and SQL injection
Implementing secure data storage and communication using modern encryption

About

Key Features

7 GitHub stars
Modern encryption standards and secure session management
Robust authentication and authorization (JWT, OAuth 2.0, OIDC)
Automated security header configuration and rate limiting
OWASP Top 10 vulnerability mitigation and prevention patterns
Secure input validation and data sanitization implementations

Use Cases

Building a secure user authentication system with salted password hashing
Hardening API endpoints against XSS, CSRF, and SQL injection
Implementing secure data storage and communication using modern encryption