Can this skill identify IDOR vulnerabilities?

Yes, it specifically analyzes controller logic and database queries to ensure users cannot access resources belonging to others via ID manipulation.

Does it provide code fixes for identified issues?

Absolutely. For every vulnerability found, the skill provides a detailed exploit scenario and a refactored, secure code example.

Does it check for insecure .env configurations?

Yes, it audits configuration files and environment setups for risks like exposed debug modes, weak keys, or insecure CORS settings.

Which Laravel versions are supported?

The skill is optimized for Laravel 10 and 11, focusing on modern features like Vite, Sanctum, and updated Policy logic.

Laravel Security Audit

Name: Laravel Security Audit
Author: sickn33

bysickn33

•

31,721

•

安全与测试

Audits Laravel applications for security vulnerabilities, misconfigurations, and insecure coding practices using OWASP standards.

This skill transforms Claude into a specialized security engineer dedicated to the Laravel ecosystem. It meticulously analyzes Laravel 10/11+ applications to identify risks such as SQL injection, Cross-Site Scripting (XSS), mass assignment vulnerabilities, and insecure authorization logic. By providing actionable risk classifications and refactored code examples, it helps developers harden their applications against unauthenticated attackers and privilege escalation attempts while adhering to official Laravel best practices.

主要功能

01Comprehensive authorization check for Policies and Gates

02Security-focused risk classification (Critical to Informational)

03Input validation and FormRequest integrity auditing

04OWASP-aligned vulnerability detection for Laravel applications

05Detailed analysis of Mass Assignment and Fillable attributes

0631,721 GitHub stars

使用场景

01Auditing legacy Laravel code for IDOR and authorization gaps

02Conducting a pre-production security review of a Laravel web app

03Hardening API endpoints and Sanctum/JWT authentication flows

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills laravel-security-audit

For use in Claude.ai and ChatGPT

主要功能

01Comprehensive authorization check for Policies and Gates

02Security-focused risk classification (Critical to Informational)

03Input validation and FormRequest integrity auditing

04OWASP-aligned vulnerability detection for Laravel applications

05Detailed analysis of Mass Assignment and Fillable attributes

0631,721 GitHub stars

使用场景

01Auditing legacy Laravel code for IDOR and authorization gaps

02Conducting a pre-production security review of a Laravel web app

03Hardening API endpoints and Sanctum/JWT authentication flows

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add sickn33/antigravity-awesome-skills laravel-security-audit

For use in Claude.ai and ChatGPT