What validation libraries does this skill support?

This skill focuses on industry-leading libraries: Zod v4 for TypeScript and JavaScript environments, and Pydantic for Python-based projects.

Is client-side validation covered?

While it mentions client-side for UX, the skill emphasizes that server-side validation is the only reliable security measure and provides the code to implement it.

Can I use this for file upload security?

Absolutely. It includes specific patterns for validating file magic bytes, MIME types, and size limits to prevent malicious file execution.

Does this skill help with SQL injection prevention?

Yes, it provides patterns for parameterized queries and strict input allowlisting to ensure that user input is never executed as code.

Input Validation & Sanitization

Name: Input Validation & Sanitization
Author: yonatangross

byyonatangross

•

安全与测试

Validates and sanitizes untrusted user input using industry-standard Zod and Pydantic patterns to prevent security vulnerabilities.

The Input Validation skill equips Claude with specialized patterns and best practices for securing applications against injection attacks, XSS, and malformed data. By implementing robust schema-based validation with Zod v4 for TypeScript and Pydantic for Python, it ensures that every piece of untrusted data—from API request bodies and query parameters to file uploads—is verified server-side. This skill prioritizes allowlists over blocklists, provides secure type coercion, and implements magic byte verification for files, making it an essential tool for developers building production-grade, secure applications.

主要功能

01Protection against SQL injection and XSS via sanitization patterns

0269 GitHub stars

03Secure file validation using magic bytes and MIME types

04Automatic type coercion for query strings and form data

05Schema-based validation using Zod v4 and Pydantic

06Standardized error formatting for user-friendly API responses

使用场景

01Validating and sanitizing multi-part form submissions and file uploads

02Securing REST and GraphQL API request bodies against malicious payloads

03Implementing strict type-safe schemas for complex data structures and discriminated unions

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yonatangross/orchestkit input-validation

For use in Claude.ai and ChatGPT

Download Skill