security
SKILL.md
Security
This skill provides universal security guidelines and OWASP Top 10 best practices applicable to any technology stack.
See @REFERENCE.md for detailed documentation.
Quick Reference
- Validation: Always server-side, never trust client input
- Queries: Parameterized only (no SQL concatenation)
- Passwords: Hash with bcrypt/Argon2 (never MD5/SHA1)
- Secrets: Environment variables or vault (never in code)
- Headers: CSP, X-Frame-Options, HSTS, nosniff
Weekly Installs
18
Repository
thebeardedbears…de-craftGitHub Stars
94
First Seen
Jan 30, 2026
Security Audits
Installed on
opencode17
gemini-cli17
codex17
github-copilot16
cursor16
claude-code15