How does it handle blockchain security?

It includes specific modules for Solana development, focusing on wallet signature verification and transaction validation to prevent unauthorized transfers.

Can it prevent SQL injection and XSS?

Yes, the skill provides specific code patterns for parameterized queries and DOM sanitization to mitigate common attack vectors like SQL injection and Cross-Site Scripting.

What does the Security Review skill do?

It provides Claude with specialized knowledge to identify security vulnerabilities and suggest best-practice implementations for sensitive features like payments and authentication.

Does it support specific programming languages?

While the examples focus on TypeScript and SQL, the security principles and checklists are applicable across most modern programming languages and frameworks.

Security Review & Best Practices

Name: Security Review & Best Practices
Author: monch1962

bymonch1962

•

安全与测试

Audits code for vulnerabilities and enforces industry-standard security patterns for authentication, data handling, and API development.

The Security Review skill provides a comprehensive framework for identifying potential security risks and implementing robust defense patterns within your codebase. It offers specialized guidance on secrets management, input validation using Zod, SQL injection prevention, and secure authentication workflows like httpOnly cookies and Row Level Security. By integrating these checklists and code examples, developers can ensure their applications adhere to OWASP standards and protect sensitive user data across modern web and blockchain environments.

主要功能

01Comprehensive checklists for authentication, authorization, and session management

02SQL injection prevention through parameterized queries and ORM best practices

03Robust input validation patterns using Zod for schemas and file uploads

04Automated secrets management workflows to prevent hardcoded credentials

05XSS and CSRF protection strategies including CSP headers and sanitization

061 GitHub stars

使用场景

01Hardening API endpoints and handling sensitive user input or file uploads

02Conducting pre-deployment security audits to ensure production readiness

03Implementing secure authentication systems and role-based access control

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add monch1962/everything-opencode security-review

For use in Claude.ai and ChatGPT

Download Skill