Does this skill support GraphQL and WebSockets?

Yes, the skill provides specific security design patterns and best practices for REST, GraphQL, and WebSocket communication protocols.

Is it compatible with major frameworks like Express or Fastify?

Yes, the skill provides implementation examples and middleware patterns that can be adapted to any major Node.js framework.

Can it help me implement multi-factor authentication (MFA)?

Yes, it includes guidance on setting up secure MFA flows and session management to enhance user account security.

How does this skill prevent SQL injection?

It guides you in using parameterized queries, secure ORM patterns, and strict input schema validation to ensure malicious payloads are never executed.

API Security Best Practices

Name: API Security Best Practices
Author: claudiodearaujo

byclaudiodearaujo

0•

Security & Testing

Implements industry-standard security patterns to protect API endpoints against unauthorized access and common web vulnerabilities.

The API Security Best Practices skill empowers developers to build resilient backend services by integrating defense-in-depth strategies. It provides specialized guidance on implementing robust authentication flows using JWT and OAuth 2.0, enforcing role-based access control (RBAC), and sanitizing inputs to neutralize injection attacks. By covering critical areas like rate limiting, sensitive data encryption, and OWASP Top 10 mitigation, this skill ensures your REST, GraphQL, and WebSocket APIs are prepared for production-grade security audits and real-world threats.

Key Features

01Data-at-rest and data-in-transit encryption implementation

02API security testing and OWASP Top 10 vulnerability mitigation

03Comprehensive authentication and authorization (JWT, OAuth 2.0, RBAC)

040 GitHub stars

05Configurable rate limiting and throttling to prevent service abuse

06Defensive input validation and sanitization using Zod and ORMs

Use Cases

01Implementing token-based authentication and refresh token rotation

02Securing sensitive user data and financial transactions in cloud APIs

03Hardening existing endpoints against SQL injection and XSS attacks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front api-security-best-practices

For use in Claude.ai and ChatGPT

Download Skill

Key Features

01Data-at-rest and data-in-transit encryption implementation

02API security testing and OWASP Top 10 vulnerability mitigation

03Comprehensive authentication and authorization (JWT, OAuth 2.0, RBAC)

040 GitHub stars

05Configurable rate limiting and throttling to prevent service abuse

06Defensive input validation and sanitization using Zod and ORMs

Use Cases

01Implementing token-based authentication and refresh token rotation

02Securing sensitive user data and financial transactions in cloud APIs

03Hardening existing endpoints against SQL injection and XSS attacks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front api-security-best-practices

For use in Claude.ai and ChatGPT

Download Skill