Does it support modern browser security standards?

Yes, it specifically checks for SameSite cookie attributes and proper origin validation techniques.

Is it compatible with other security tools?

Yes, it is designed to work alongside other Claude Code security plugins for a holistic application assessment.

How does this skill detect CSRF vulnerabilities?

It analyzes your application's endpoints, cookie settings, and token implementations to find missing or weak security patterns.

When should I use the CSRF Security Validator?

Use it during security audits, before deploying new API endpoints, or when performing general application hardening.

Can it fix CSRF issues automatically?

While it primarily identifies vulnerabilities and provides remediation recommendations, it guides developers on how to implement proper fixes.

CSRF Security Validator

Name: CSRF Security Validator
Author: jeremylongshore

byjeremylongshore

•

884

•

Security & Testing

Identifies Cross-Site Request Forgery (CSRF) vulnerabilities by auditing security mechanisms like tokens, cookies, and SameSite attributes.

The CSRF Security Validator skill empowers Claude to perform automated security audits of web applications, specifically targeting Cross-Site Request Forgery risks. It analyzes application endpoints to detect missing protections, validates the implementation of synchronizer tokens and double-submit cookies, and checks SameSite cookie attributes. This skill is essential for developers and security engineers who need to assess an application's security posture, generate remediation reports, and ensure all state-changing operations are shielded from malicious cross-site attacks.

Key Features

01Validation of CSRF tokens and double-submit cookie patterns

02Identification of attack vectors for unprotected state-changing operations

03Endpoint vulnerability analysis for missing CSRF guards

04Detailed security report generation with remediation steps

05884 GitHub stars

06Auditing of SameSite cookie attributes and origin validation

Use Cases

01Auditing a web application's API for CSRF protection gaps before deployment

02Generating comprehensive security reports for compliance and vulnerability management

03Verifying SameSite cookie configurations to prevent unauthorized cross-site requests

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills skill-adapter

For use in Claude.ai and ChatGPT

Download Skill