Is this skill compatible with Django Rest Framework (DRF)?

Yes, it specifically addresses API security concerns such as rate limiting (throttling), custom DRF permissions, and secure token management.

Can I use this for custom user models?

Yes, it includes best practices for creating custom AbstractUser models and configuring Argon2 or BCrypt for superior password hashing compared to default settings.

How does this skill prevent SQL injection in Django?

It enforces the use of the Django ORM's built-in parameterization and provides guidance on safely using raw SQL queries with proper parameter escaping to prevent malicious data injection.

Does it help with production deployment settings?

Absolutely. It provides a comprehensive checklist for production-only settings including SSL redirects, HSTS, secure cookies, and environment variable management for secret keys.

Django Security Best Practices

Name: Django Security Best Practices
Author: nbossn

bynbossn

0•

安全与测试

Hardens Django applications by implementing robust authentication, authorization, and protection against common web vulnerabilities.

The Django Security skill provides a comprehensive framework for securing web applications against industry-standard threats like SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). It guides developers through critical production configurations, including secure header management, HSTS settings, and robust role-based access control (RBAC). Whether you are bootstrapping a new project with a custom user model or auditing an existing codebase for deployment readiness, this skill ensures your application follows the latest security standards and ECC guidelines.

主要功能

01Secure file upload validation and API rate limiting strategies

020 GitHub stars

03Production-ready security settings and HTTP header configurations

04Custom user model implementation with advanced password hashing (Argon2/BCrypt)

05Granular Role-Based Access Control (RBAC) and permission systems

06Automated patterns for preventing SQL injection, XSS, and CSRF attacks

使用场景

01Implementing custom user models with email-based authentication and secure sessions

02Hardening a Django application for production-grade deployment

03Auditing codebases for common security flaws and OWASP compliance

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add nbossn/claude-code-base django-security

For use in Claude.ai and ChatGPT

主要功能

01Secure file upload validation and API rate limiting strategies

020 GitHub stars

03Production-ready security settings and HTTP header configurations

04Custom user model implementation with advanced password hashing (Argon2/BCrypt)

05Granular Role-Based Access Control (RBAC) and permission systems

06Automated patterns for preventing SQL injection, XSS, and CSRF attacks

使用场景

01Implementing custom user models with email-based authentication and secure sessions

02Hardening a Django application for production-grade deployment

03Auditing codebases for common security flaws and OWASP compliance

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add nbossn/claude-code-base django-security

For use in Claude.ai and ChatGPT