How does it help with sensitive data protection?

It provides best practices for encryption at rest and in transit, secure password hashing using bcrypt or argon2, and environment variable management for secrets.

Does it provide guidance on the OWASP Top 10?

Yes, it includes a quick reference and detailed implementation strategies for mitigating all OWASP Top 10 risks, such as Injection and Broken Access Control.

Which frameworks does this security skill support?

The skill is specifically optimized for React, Next.js, and NestJS environments, including related tools like MongoDB and AWS security services.

Can this skill help configure security headers?

Yes, it assists in configuring critical security headers including X-Content-Type-Options, X-Frame-Options, Strict-Transport-Security, and Content Security Policy (CSP).

Security Expert

Name: Security Expert
Author: shipshitdev

byshipshitdev

•

Security & Testing

Secures full-stack applications by implementing robust authentication, authorization, and data protection patterns aligned with OWASP Top 10 standards.

The Security Expert skill provides deep domain knowledge for building secure applications using React, Next.js, and NestJS. It guides developers through implementing secure authentication flows, fine-grained Role-Based Access Control (RBAC), and protective measures against common vulnerabilities like injection and broken access control. By leveraging OWASP principles and framework-specific best practices, this skill ensures that security is integrated throughout the development lifecycle, from input validation and security header configuration to dependency management and multi-tenancy enforcement.

Key Features

0110 GitHub stars

02Secure authentication setup including JWT, MFA, and OAuth/SSO

03Fine-grained RBAC and resource-level authorization patterns

04Implementation of OWASP Top 10 mitigation strategies

05Comprehensive security checklists for code reviews and audits

06Configuration of security headers like CSP, HSTS, and X-Frame-Options

Use Cases

01Configuring complex Content Security Policies (CSP) for Next.js applications

02Reviewing codebases for common security vulnerabilities and logic flaws

03Implementing secure multi-tenancy and data isolation in NestJS backends

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add shipshitdev/library security-expert

For use in Claude.ai and ChatGPT

Download Skill