Can this skill be used for blockchain development?

Yes, it specifically includes security patterns for Solana, including wallet signature verification and transaction validation steps.

How does it handle input validation?

It provides implementation patterns for Zod, allowing you to define strict schemas for all user inputs, file uploads, and API requests to ensure data integrity.

Does it support database security features like Supabase RLS?

Absolutely. It includes specific guidance on implementing Row Level Security (RLS) policies to ensure users can only access data they are authorized to see.

What security vulnerabilities does this skill help prevent?

The skill focuses on preventing common vulnerabilities like SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and unauthorized data access.

Does this skill help with environment variable safety?

Yes, it includes strict guidelines and validation steps to ensure secrets like API keys and passwords are never hard-coded and are properly managed via environment variables.

Security Review & Best Practices

Name: Security Review & Best Practices
Author: saar120

bysaar120

0•

Security & Testing

Audits application code for security vulnerabilities and enforces industry-standard best practices for authentication, data validation, and secret management.

The Security Review skill transforms Claude into a specialized security consultant, providing comprehensive checklists and implementation patterns to harden your codebase. It covers critical security domains including secret management, input validation using Zod, SQL injection prevention, and secure authentication flows like JWT handling and Supabase Row Level Security. By integrating this skill, developers can proactively identify vulnerabilities, implement robust XSS and CSRF protections, and ensure that sensitive operations like payments or blockchain transactions meet the highest security standards before deployment.

Key Features

01Comprehensive security checklists for authentication and authorization

02Secure secret management and environment variable auditing

03XSS and CSRF protection implementation for web applications

04SQL injection prevention via parameterized query patterns

050 GitHub stars

06Input validation patterns and schema enforcement using Zod

Use Cases

01Auditing new API endpoints for potential security leaks or logic flaws

02Hardening database access patterns and row-level security policies

03Implementing secure user input handling and file upload validation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add saar120/skillgate-registry security-review

For use in Claude.ai and ChatGPT

Key Features

01Comprehensive security checklists for authentication and authorization

02Secure secret management and environment variable auditing

03XSS and CSRF protection implementation for web applications

04SQL injection prevention via parameterized query patterns

050 GitHub stars

06Input validation patterns and schema enforcement using Zod

Use Cases

01Auditing new API endpoints for potential security leaks or logic flaws

02Hardening database access patterns and row-level security policies

03Implementing secure user input handling and file upload validation

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add saar120/skillgate-registry security-review

For use in Claude.ai and ChatGPT