When should I activate the Security Review skill?

Activate this skill whenever you are building authentication systems, handling user input or file uploads, creating API endpoints, or working with sensitive data like secrets and payments.

Does this skill support blockchain security?

Yes, it includes specialized patterns for Solana blockchain security, including wallet ownership verification and transaction detail validation.

What tools does it recommend for input validation?

It primarily recommends using Zod for schema-based validation to ensure all incoming user data meets strict type, size, and format requirements before processing.

How does it help prevent SQL injection?

The skill provides clear code patterns for using parameterized queries and ORM best practices to ensure user input is never directly concatenated into SQL strings.

Security Review

Name: Security Review
Author: XD3an

byXD3an

•

Security & Testing

Conducts comprehensive security audits and provides implementation patterns for authentication, input validation, and data protection.

About

The Security Review skill empowers developers to build more secure applications by providing automated guidance on critical security domains including secrets management, SQL injection prevention, and cross-site scripting (XSS) mitigation. It offers standardized patterns for robust authentication, authorization, and input validation using tools like Zod and DOMPurify. By integrating this skill into the development workflow, teams can identify vulnerabilities early and ensure compliance with modern security best practices like the OWASP Top 10 and Supabase Row Level Security (RLS).

Key Features

Blockchain-specific security for wallet ownership and transaction verification
Schema-based input validation and secure file upload restriction logic
8 GitHub stars
Automated secrets management and environment variable verification patterns
Parameterized query generation to prevent SQL injection vulnerabilities
Secure authentication handling using JWTs and httpOnly cookie patterns

Use Cases

Ensuring database queries and file uploads are properly sanitized and restricted
Reviewing API endpoints for potential data leaks or authorization flaws
Implementing secure authentication or payment features in web applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add xd3an/awesome-ai-coding-all-in-one security-review

For use in Claude.ai and ChatGPT

Download Skill

GitHub