How does this skill help prevent SQL injection?

The skill provides specific patterns for parameterized queries and ORM usage to ensure that user-provided input is never directly concatenated into SQL strings.

Does it provide guidance on secret management?

Absolutely. It includes a checklist to ensure API keys, tokens, and passwords are kept out of source code and Git history by using environment variables properly.

Does it help with input validation standards?

It promotes schema-based validation using Zod and provides patterns for file upload restrictions, including size and MIME type checks.

Can it handle blockchain-specific security concerns?

Yes, it includes specialized verification steps for Solana, including wallet ownership validation and transaction checks to prevent blind signing.

Is this skill compatible with modern frameworks like Next.js?

Yes, it features dedicated sections for Next.js security headers, CSRF protection, and Supabase Row Level Security (RLS) configurations.

Security Review Pro

Name: Security Review Pro
Author: saar120

bysaar120

0•

安全与测试

Conducts comprehensive security audits and provides implementation patterns for authentication, input validation, and data protection.

The Security Review skill empowers developers to build hardened applications by providing a rigorous framework for identifying vulnerabilities and implementing security best practices. It covers critical areas such as secret management, parameterized queries to prevent SQL injection, JWT handling, and cross-site scripting (XSS) prevention. Whether you are building traditional web APIs or decentralized blockchain applications on Solana, this skill ensures your code adheres to industry-standard security protocols and protects against common exploits like the OWASP Top 10.

主要功能

01Secret management audit to prevent sensitive data exposure in source code and logs

02Comprehensive security checklists for authentication and authorization workflows

03Secure input validation patterns using schema-based libraries like Zod

04Specialized security protocols for Solana blockchain and wallet verification

05SQL injection, XSS, and CSRF prevention strategies

060 GitHub stars

使用场景

01Hardening frontend applications against XSS and CSRF using secure headers and sanitization

02Performing a pre-deployment security audit on new API endpoints and database queries

03Implementing secure user authentication and Row Level Security (RLS) in Supabase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add saar120/skillgate-registry security-review

For use in Claude.ai and ChatGPT

主要功能

01Secret management audit to prevent sensitive data exposure in source code and logs

02Comprehensive security checklists for authentication and authorization workflows

03Secure input validation patterns using schema-based libraries like Zod

04Specialized security protocols for Solana blockchain and wallet verification

05SQL injection, XSS, and CSRF prevention strategies

060 GitHub stars

使用场景

01Hardening frontend applications against XSS and CSRF using secure headers and sanitization

02Performing a pre-deployment security audit on new API endpoints and database queries

03Implementing secure user authentication and Row Level Security (RLS) in Supabase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add saar120/skillgate-registry security-review

For use in Claude.ai and ChatGPT