Can this help me fix insecure password storage?

Yes, it provides modern, production-ready code examples for password hashing using bcrypt and Argon2 across multiple languages.

Which programming languages does this skill support?

The skill provides secure implementation patterns for Python, JavaScript/Node.js, Java, and Go.

What specific security standards are referenced?

The remediation patterns align with OWASP ASVS and address CWE-327 (Weak Cryptography), CWE-330 (Insecure Randomness), and CWE-295 (TLS Certificate Validation).

Does this skill detect vulnerabilities in my code?

No, this skill is specifically designed for remediation. To detect vulnerabilities, you should use the vulnerability-patterns skill.

Crypto Security Remediation

Name: Crypto Security Remediation
Author: Zate

byZate

安全与测试

Fixes cryptographic security flaws by replacing weak algorithms, insecure randomness, and broken TLS configurations with language-specific secure patterns.

关于

This skill provides actionable remediation patterns for common cryptographic vulnerabilities including weak hashing, insecure encryption, and improper TLS validation. It helps developers transition from deprecated standards like MD5 or SHA1 to modern, secure implementations such as Argon2, bcrypt, and AES-GCM. By providing specific code examples for Python, JavaScript, Java, and Go, it ensures that security-sensitive operations like password hashing and random token generation are handled using industry-standard best practices and cryptographically secure libraries.

主要功能

TLS/SSL certificate validation enforcement
CSPRNG implementation for secure token generation
Modern encryption patterns using AES-GCM
Multi-language support for Python, Node.js, Java, and Go
0 GitHub stars
Secure password hashing implementations (bcrypt, Argon2)

使用场景

Replacing predictable random number generators with cryptographically secure alternatives
Refactoring legacy code using deprecated algorithms like MD5 or SHA1
Fixing man-in-the-middle risks by enabling proper TLS certificate verification

关于

主要功能

TLS/SSL certificate validation enforcement
CSPRNG implementation for secure token generation
Modern encryption patterns using AES-GCM
Multi-language support for Python, Node.js, Java, and Go
0 GitHub stars
Secure password hashing implementations (bcrypt, Argon2)

使用场景

Replacing predictable random number generators with cryptographically secure alternatives
Refactoring legacy code using deprecated algorithms like MD5 or SHA1
Fixing man-in-the-middle risks by enabling proper TLS certificate verification