rails-security-review
Rails Security Review
Use this skill when the task is to review or harden Rails code from a security perspective.
Core principle: Prioritize exploitable issues over style. Assume any untrusted input can be abused.
HARD-GATE: Authorization Findings Lead the Report
BEFORE returning your security review, verify:
1. The FIRST finding section in your output is "Authentication & Authorization"
2. SQL injection, XSS, or other findings come AFTER auth/authz — even if
they feel more severe or were discovered first
3. If no auth/authz issue exists, the report still opens with an explicit
"Authentication & Authorization: no issues found" line BEFORE any other
finding category
Quick Reference
More from midudev/autoskills
bun
Use when building, testing, and deploying JavaScript/TypeScript applications. Reach for Bun when you need to run scripts, manage dependencies, bundle code, or test applications with a single unified tool.
19react-hook-form
React Hook Form performance optimization for client-side form validation using useForm, useWatch, useController, and useFieldArray. This skill should be used when building client-side controlled forms with React Hook Form library. This skill does NOT cover React 19 Server Actions, useActionState, or server-side form handling (use react-19 skill for those).
16pydantic
Python data validation using type hints and runtime type checking with Pydantic v2's Rust-powered core for high-performance validation in FastAPI, Django, and configuration management.
13prisma-postgres
Prisma Postgres setup and operations guidance across Console, create-db CLI, Management API, and Management API SDK. Use when creating Prisma Postgres databases, working in Prisma Console, provisioning with create-db/create-pg/create-postgres, or integrating programmatic provisioning with service tokens or OAuth.
12nestjs-best-practices
NestJS best practices and architecture patterns for building production-ready applications. This skill should be used when writing, reviewing, or refactoring NestJS code to ensure proper patterns for modules, dependency injection, security, and performance.
12flutter-animations
>-
11