How does this skill handle secret management?

The skill enforces the use of Doppler for secret injection, providing clear patterns to ensure sensitive keys are never hardcoded or committed to git repositories.

What common vulnerabilities does this skill address?

It provides defensive patterns against the OWASP Top 10, specifically targeting XSS, SQL injection, insecure file uploads, and improper CORS configurations.

Does this support both TypeScript and Python stacks?

Yes, it provides specific implementation examples for TanStack Start (TypeScript/Zod) and FastAPI (Python/Pydantic/SQLModel).

How does it manage multi-tenant security?

It utilizes PostgreSQL Row Level Security (RLS) to ensure that users can only access data belonging to their specific tenant ID, preventing cross-tenant data leakage.

Grey Haven Security Practices

Name: Grey Haven Security Practices
Author: greyhaven-ai

bygreyhaven-ai

•

安全与测试

Enforces enterprise-grade security standards including multi-tenant isolation, secret management, and robust input validation for modern web stacks.

关于

The Grey Haven Security Practices skill equips Claude with specialized knowledge to implement and audit security-critical features within TanStack Start and FastAPI applications. It provides standardized patterns for Doppler-based secret management, Zod and Pydantic validation, and strict Row Level Security (RLS) for multi-tenant data isolation. By applying these best practices, developers can proactively defend against the OWASP Top 10 vulnerabilities while ensuring consistent security configurations across development and production environments.

主要功能

Integrated secret management using Doppler to prevent credential leakage
Production-ready CORS, session security, and rate-limiting configurations
Built-in protection patterns for XSS, SQL Injection, and Path Traversal
Comprehensive input validation patterns for both TypeScript (Zod) and Python (Pydantic)
Multi-tenant isolation through PostgreSQL Row Level Security (RLS) policies
15 GitHub stars

使用场景

Hardening authentication and session management for full-stack applications
Migrating hardcoded secrets to secure environment variable management systems
Implementing secure multi-tenant architectures with strict data boundaries

关于

主要功能

Integrated secret management using Doppler to prevent credential leakage
Production-ready CORS, session security, and rate-limiting configurations
Built-in protection patterns for XSS, SQL Injection, and Path Traversal
Comprehensive input validation patterns for both TypeScript (Zod) and Python (Pydantic)
Multi-tenant isolation through PostgreSQL Row Level Security (RLS) policies
15 GitHub stars

使用场景

Hardening authentication and session management for full-stack applications
Migrating hardcoded secrets to secure environment variable management systems
Implementing secure multi-tenant architectures with strict data boundaries