The Agent Skills Directory

[SAFE]: The skill provides robust security patterns for authentication and authorization.
Uses jose for secure JWT generation and validation with short-lived access tokens.
Uses passlib with bcrypt for secure password hashing (min 10 rounds recommended).
Implements refresh token rotation and revocation to maintain secure sessions.
[SAFE]: Secure database and input handling.
Employs SQLModel which enforces parameterized queries to prevent SQL injection vulnerabilities.
Uses Pydantic for strict type validation and data sanitization on all API request/response models.
[SAFE]: Verified payment integrations.
Webhook handlers for Stripe use stripe.Webhook.construct_event for mandatory signature verification.
JazzCash and EasyPaisa integrations implement HMAC signatures and server-to-server status verification.
[SAFE]: Secure infrastructure and configuration.
Environment variables are used for all secrets via pydantic-settings, preventing hardcoded credentials.
Middleware adds essential security headers including HSTS, Content Security Policy (CSP), and X-Frame-Options.
Docker configurations implement non-root users for safe containerized execution.

fastapi-full-stack