CSRF Security Validator

关于

This skill empowers Claude to perform automated security audits focused on CSRF protection by analyzing application endpoints for missing safeguards like synchronizer tokens, double-submit cookies, and SameSite attribute configurations. It provides developers with actionable insights by identifying vulnerable state-changing operations and generating detailed reports that include potential attack scenarios and specific remediation steps to harden the application's security posture.

主要功能

• Generation of detailed vulnerability and risk assessment reports
• Validation of SameSite cookie attributes and origin headers
• Assessment of synchronizer token and double-submit cookie implementations
• 0 GitHub stars
• Automated endpoint analysis for missing CSRF protection
• Remediation recommendations for insecure security configurations

使用场景

• Auditing a web application's security posture before a production release
• Verifying the correct configuration of SameSite attributes across all application cookies
• Identifying unprotected API endpoints that handle sensitive data modifications