Can it help me prevent SQL injection?

Absolutely. The skill provides patterns for parameterized queries and input validation to ensure your database interactions remain secure.

Does it assist with frontend security?

Yes, it includes guidance on implementing secure browser headers like Content Security Policy (CSP) to protect against XSS and clickjacking.

How does it handle sensitive information like API keys?

The skill enforces best practices for secrets management, advising the use of environment variables or secure vaults rather than hardcoding credentials.

Does this skill support specific programming languages?

Yes, the security guidelines provided are universal and can be applied to any technology stack, including JavaScript, Python, Go, and more.

Does it include modern password hashing standards?

Yes, it recommends and provides implementation guidance for modern, secure algorithms like bcrypt and Argon2 instead of outdated methods like MD5.

Security & OWASP Best Practices

Name: Security & OWASP Best Practices
Author: TheBeardedBearSAS

byTheBeardedBearSAS

•

Security & Testing

Implements universal security guidelines and OWASP Top 10 standards to harden codebases against vulnerabilities and secure authentication workflows.

This skill transforms Claude into a security-focused development partner, providing expert guidance on mitigating risks and implementing industry-standard safety protocols across any technology stack. It covers critical areas such as server-side input validation, parameterized queries to prevent SQL injection, secure password hashing using Argon2 or bcrypt, and the correct implementation of authentication and authorization frameworks like RBAC. By embedding these practices directly into the development cycle, the skill helps teams proactively address common vulnerabilities, manage secrets safely, and configure hardened HTTP headers to maintain a high security posture.

Key Features

01Security header configuration (CSP, HSTS, X-Frame-Options)

02Parameterized query and input validation guidance

0393 GitHub stars

04OWASP Top 10 vulnerability mitigation strategies

05Secure authentication and RBAC implementation patterns

06Secrets management and environment variable best practices

Use Cases

01Hardening web applications through secure configuration and standardized security headers

02Implementing robust identity management and authentication systems from scratch

03Auditing existing source code for common security flaws and injection vulnerabilities

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add thebeardedbearsas/claude-craft security

For use in Claude.ai and ChatGPT

Download Skill