Secure Code Guardian

Skill Verified Active

Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.

Purpose

Implement robust security measures in code, including authentication, authorization, input validation, and preventing OWASP Top 10 vulnerabilities.

Features

  • Password hashing with bcrypt/argon2
  • Parameterized SQL queries
  • Input validation with Zod
  • JWT implementation and validation
  • Security header configuration (CSP, HSTS)
  • Rate limiting for authentication endpoints
  • OWASP Top 10 prevention strategies

Use Cases

  • Implementing secure user authentication and authorization flows.
  • Validating and sanitizing all user-provided input to prevent injection attacks.
  • Configuring security headers like CSP and HSTS.
  • Writing code that adheres to best practices for preventing OWASP Top 10 vulnerabilities.

Non-Goals

  • Providing pre-built OAuth/SSO integrations.
  • Performing standalone security audits.
  • Handling low-level network security configurations.

Installation

First, add the marketplace, then install the plugin:

/plugin marketplace add jeffallan/claude-skills
/plugin install claude-skills@fullstack-dev-skills

Quality Score

Verified: 95/100 (analyzed 1 day ago)

Trust Signals

Last commit: 13 days ago
Stars: 9k
License: MIT

Similar Extensions

Auth0 Express OAuth2 JWT Bearer

100

Use when adding Auth0 token validation to Express or Node.js APIs - integrates express-oauth2-jwt-bearer SDK to protect Node.js API endpoints with JWT Bearer authentication, scope-based RBAC, claim validation, and optional DPoP support

Skill
auth0

Auth0 Nuxt

100

Use when implementing Auth0 authentication in Nuxt 3/4 applications, configuring session management, protecting routes with middleware, or integrating API access tokens - provides setup patterns, composable usage, and security best practices for the @auth0/auth0-nuxt SDK

Skill
auth0

Better Auth Authentication

99

Better Auth authentication flows for TypeScript apps. Use when enabling email/password auth, configuring social providers, or implementing sign-up, sign-in, and verification flows.

Skill
bobmatnyc

Security Checklist

98

Security best practices for Micronaut/Kotlin backend including authentication, authorization, input validation, and OWASP prevention. Use when implementing auth, validating inputs, or reviewing security.

Skill
spartan-stratos

Netlify Identity

100

Use when the task involves authentication, user signups, logins, password recovery, OAuth providers, role-based access control, or protecting routes and functions. Always use `@netlify/identity`. Never use `netlify-identity-widget` or `gotrue-js` — they are deprecated.

Skill
netlify

Mongodb Mcp Setup

100

Guide users through configuring key MongoDB MCP server options. Use this skill when a user has the MongoDB MCP server installed but hasn't configured the required environment variables, or when they ask about connecting to MongoDB/Atlas and don't have the credentials set up.

Skill
mongodb

© 2025 SkillRepo · Find the right skill, skip the noise.