
Secure Code Guardian

Skill · Verified · Active

Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities — including custom security implementations such as hashing passwords with bcrypt/argon2, sanitizing SQL queries with parameterized statements, configuring CORS/CSP headers, validating input with Zod, and setting up JWT tokens. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention, secure session management, and security hardening. For pre-built OAuth/SSO integrations or standalone security audits, consider a more specialized skill.

Purpose

Implement robust security measures in code, including authentication, authorization, input validation, and preventing OWASP Top 10 vulnerabilities.

Features

  • Password hashing with bcrypt/argon2
  • Parameterized SQL queries
  • Input validation with Zod
  • JWT implementation and validation
  • Security header configuration (CSP, HSTS)
  • Rate limiting for authentication endpoints
  • OWASP Top 10 prevention strategies

Use cases

  • Implementing secure user authentication and authorization flows.
  • Validating and sanitizing all user-provided input to prevent injection attacks.
  • Configuring security headers like CSP and HSTS.
  • Writing code that adheres to best practices for preventing OWASP Top 10 vulnerabilities.

Non-goals

  • Providing pre-built OAuth/SSO integrations.
  • Performing standalone security audits.
  • Handling low-level network security configurations.

Installation

Add the Marketplace first

/plugin marketplace add jeffallan/claude-skills
/plugin install claude-skills@fullstack-dev-skills

Quality score

Verified
95/100
Analyzed 1 day ago

Trust signals

Last commit: 13 days ago
Stars: 9k
License: MIT
Status

Similar extensions

Auth0 Express OAuth2 JWT Bearer

100

Use when adding Auth0 token validation to Express or Node.js APIs - integrates express-oauth2-jwt-bearer SDK to protect Node.js API endpoints with JWT Bearer authentication, scope-based RBAC, claim validation, and optional DPoP support

Skill
auth0

Auth0 Nuxt

100

Use when implementing Auth0 authentication in Nuxt 3/4 applications, configuring session management, protecting routes with middleware, or integrating API access tokens - provides setup patterns, composable usage, and security best practices for the @auth0/auth0-nuxt SDK

Skill
auth0

Better Auth Authentication

99

Better Auth authentication flows for TypeScript apps. Use when enabling email/password auth, configuring social providers, or implementing sign-up, sign-in, and verification flows.

Skill
bobmatnyc

Security Checklist

98

Security best practices for Micronaut/Kotlin backend including authentication, authorization, input validation, and OWASP prevention. Use when implementing auth, validating inputs, or reviewing security.

Skill
spartan-stratos

Netlify Identity

100

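Use for authentication, user sign-up, login, password recovery, OAuth providers, role-based access control, or protecting routes and functions. Always use `@netlify/identity`. Never use `netlify-identity-widget` or `gotrue-js`; they are deprecated.

Skill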
netlify

Mongodb Mcp Setup

100

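Guides users through configuring key MongoDB MCP server options. Use this skill when a user has installed the MongoDB MCP server but has not configured the required environment variables, or when they ask about connecting to MongoDB/Atlas without having set credentials.

Skill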
mongodb