Can it help secure cloud infrastructure?

Absolutely. It includes specialized guidance for cloud-specific security, including IAM, CI/CD hardening, and network policy configuration.

Is it compatible with modern web frameworks?

Yes, the skill provides code patterns for TypeScript, Node.js, Next.js, and Supabase, covering modern web development security needs.

How does it handle sensitive secrets and credentials?

The skill enforces strict patterns for environment variables, ensuring secrets are never hardcoded or stored in version control history.

Does this skill help with OWASP Top 10 vulnerabilities?

Yes, it provides specific implementation patterns and checklists to mitigate common risks such as SQL Injection, XSS, CSRF, and broken access control.

Security Review

Name: Security Review
Author: flatrick

byflatrick

0•

安全与测试

Conducts comprehensive security audits and implements defensive coding patterns to protect applications from vulnerabilities.

The Security Review skill provides Claude Code with a specialized framework for identifying and mitigating security risks across the entire development lifecycle. It equips the agent with industry-standard checklists and implementation patterns for critical domains such as authentication, secrets management, input validation, and protection against common attacks like SQL injection and XSS. Whether you are building financial features or basic API endpoints, this skill ensures your code follows a security-first development philosophy with production-ready code examples and pre-deployment verification steps.

主要功能

010 GitHub stars

02Hardened secrets management and environment variable enforcement

03Secure authentication workflows and httpOnly cookie implementation

04Parameterized SQL query patterns for injection prevention

05Schema-based input validation and file upload sanitization

06Cloud infrastructure security and IAM policy auditing

使用场景

01Hardening API endpoints against rate-limiting and XSS attacks

02Building production-ready authentication and authorization systems

03Conducting automated pre-deployment security checklists

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add flatrick/mdt security-review

For use in Claude.ai and ChatGPT