Is this skill available in Japanese?

Yes, this skill is part of the docs-ja-JP plugin, providing specialized security guidance and documentation in Japanese.

How does it handle application secrets?

It provides patterns for externalizing secrets via environment variables or vaults, ensuring sensitive credentials are never committed to source code.

Can it help prevent SQL Injection?

Absolutely. The skill enforces the use of Spring Data repositories and parameterized queries with specific binding to prevent string concatenation vulnerabilities.

Does it include a production checklist?

Yes, it includes a detailed pre-release checklist covering 10 critical areas including auth validation, header configuration, and log safety.

Does this skill support JWT authentication?

Yes, it prioritizes stateless JWT or opaque tokens with revocation lists for modern, secure API authentication.

Spring Boot Security Best Practices

Name: Spring Boot Security Best Practices
Author: Infopibe

byInfopibe

•

Security & Testing

Implements industry-standard security patterns and best practices for Java Spring Boot applications.

This skill provides a comprehensive security framework for Spring Boot development, offering expert guidance on authentication (JWT/Sessions), authorization (Method Security), and data protection. It helps developers prevent common vulnerabilities like SQL injection and CSRF while ensuring robust secret management and dependency security. This skill is particularly useful for conducting security reviews or building production-ready Java services, featuring localized documentation support for Japanese-speaking development teams.

Key Features

011 GitHub stars

02Granular method-level authorization using @PreAuthorize and @EnableMethodSecurity

03Hardened security header configurations and CSRF protection strategies

04Comprehensive pre-release security checklist for production readiness

05Automated input validation and SQL injection prevention techniques

06Standardized JWT and session-based authentication implementations

Use Cases

01Building a secure REST API with stateless JWT authentication and rate limiting

02Implementing secure secret management and dependency scanning in a CI/CD pipeline

03Conducting a security audit and vulnerability review on an existing Spring Boot codebase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add infopibe/everything-claude-code springboot-security

For use in Claude.ai and ChatGPT

Key Features

011 GitHub stars

02Granular method-level authorization using @PreAuthorize and @EnableMethodSecurity

03Hardened security header configurations and CSRF protection strategies

04Comprehensive pre-release security checklist for production readiness

05Automated input validation and SQL injection prevention techniques

06Standardized JWT and session-based authentication implementations

Use Cases

01Building a secure REST API with stateless JWT authentication and rate limiting

02Implementing secure secret management and dependency scanning in a CI/CD pipeline

03Conducting a security audit and vulnerability review on an existing Spring Boot codebase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add infopibe/everything-claude-code springboot-security

For use in Claude.ai and ChatGPT