How does this skill prevent API key leaks?

It enforces the use of environment variables and .env files while providing automated checks to ensure sensitive files are listed in .gitignore.

Can this skill help with database security?

Absolutely. It provides specific patterns for parameterized queries to eliminate the risk of SQL injection common in string interpolation.

Does it protect against path traversal attacks?

Yes, it provides implementation patterns using Path.resolve() and is_relative_to() to ensure file operations remain within authorized directories.

Is it compatible with local development environments?

Yes, this skill is specifically designed as part of the anyclaude-local repository for use with local setups like LMSTUDIO.

Security Patterns

Name: Security Patterns
Author: akaszubski

byakaszubski

•

安全与测试

Implements industry-standard security best practices for secret management, input validation, and secure coding patterns.

The Security Patterns skill for Claude Code is a comprehensive security framework designed to safeguard your codebase against common vulnerabilities like those found in the OWASP Top 10. It provides specialized guidance for managing API keys through environment variables, preventing injection attacks, and securing file system operations. By enforcing strict validation patterns and path traversal protections, this skill ensures that developers maintain a high security posture while utilizing AI-driven coding workflows, particularly when working with local language models.

主要功能

01Parameterized query templates to prevent SQL injection vulnerabilities

02Secure API key management using .env and .gitignore best practices

03Hardcoded secret detection and redaction guidance for logging

04Automated input validation patterns for path traversal and command injection

052 GitHub stars

06Secure file operation patterns with restricted system permissions

使用场景

01Safely configuring environment variables for sensitive API integrations

02Sanitizing user-provided file paths in backend file processing systems

03Implementing cryptographically secure random generation for tokens and sessions

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add akaszubski/anyclaude-local security-patterns

For use in Claude.ai and ChatGPT

Download Skill