Security
This skill provides universal security guidelines and OWASP Top 10 best practices applicable to any technology stack.
See @REFERENCE.md for detailed documentation.
Quick Reference
- Validation: Always server-side, never trust client input
- Queries: Parameterized only (no SQL concatenation)
- Passwords: Hash with bcrypt/Argon2 (never MD5/SHA1)
- Secrets: Environment variables or vault (never in code)
- Headers: CSP, X-Frame-Options, HSTS, nosniff
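
One way to check the Headers item above, as an added example that is not part of the skill or its REFERENCE.md: the function audits a response-header mapping for CSP, X-Frame-Options, HSTS and nosniff. The function name, the 180-day HSTS minimum, the unsafe-keyword heuristic and the sample headers are assumptions made for this example.

```python
import re

# Assumption for this example: require an HSTS lifetime of at least 180 days.
MIN_HSTS_MAX_AGE = 15552000


def audit_security_headers(headers):
    """Return sorted findings for the four headers named in the Quick Reference."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {name.lower(): value.strip() for name, value in headers.items()}
    findings = []

    csp = h.get("content-security-policy", "")
    if not csp:
        findings.append("csp: missing")
    elif re.search(r"'unsafe-inline'|'unsafe-eval'", csp):
        # Heuristic: these keywords usually weaken script restrictions.
        findings.append("csp: allows unsafe-inline or unsafe-eval")

    # A CSP frame-ancestors directive covers framing in modern browsers.
    xfo = h.get("x-frame-options", "").upper()
    if xfo not in ("DENY", "SAMEORIGIN") and "frame-ancestors" not in csp:
        findings.append("framing: no X-Frame-Options or frame-ancestors")

    hsts = h.get("strict-transport-security", "")
    m = re.search(r"max-age\s*=\s*\"?(\d+)", hsts, re.IGNORECASE)
    if not hsts:
        findings.append("hsts: missing")
    elif not m or int(m.group(1)) < MIN_HSTS_MAX_AGE:
        findings.append("hsts: max-age absent or too short")

    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("nosniff: X-Content-Type-Options is not nosniff")
    return sorted(findings)


# Constructed sample responses (not captured from any real site).
WEAK = {
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "Strict-Transport-Security": "max-age=300",
}
HARDENED = {
    "content-security-policy": "default-src 'self'; frame-ancestors 'none'",
    "X-Frame-Options": "DENY",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
}

if __name__ == "__main__":
    print(audit_security_headers(WEAK), audit_security_headers(HARDENED))
```
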