What XSS protections are included?

The skill covers safe template escaping, proper use of mark_safe vs format_html, and configuring Content Security Policy (CSP) headers.

How does this skill prevent SQL injection in Django?

The skill provides patterns for using the Django ORM's built-in protection and demonstrates how to properly parameterize raw SQL queries to prevent malicious input execution.

Does it support custom user models and authentication?

Absolutely. It provides code for implementing AbstractUser models with email-based login and high-entropy password hashing like Argon2.

Can this skill help with production deployment hardening?

Yes, it includes templates for essential production settings including SECURE_SSL_REDIRECT, HSTS, secure cookies, and X-Frame-Options.

Django Security Best Practices

Name: Django Security Best Practices
Author: affaan-m

byaffaan-m

•

43,117

•

Security & Testing

Secures Django applications by implementing robust authentication, authorization, and protection against common web vulnerabilities.

This Claude Code skill provides comprehensive guidance for hardening Django web applications against modern security threats. It offers production-ready configuration templates, custom user model patterns, and advanced Role-Based Access Control (RBAC) implementations. By integrating this skill, developers can automatically apply battle-tested defenses against SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), while ensuring that production settings for SSL, cookies, and security headers meet industry standards.

Key Features

01Granular Role-Based Access Control (RBAC) and object-level permissions

02Automated patterns for SQL injection and XSS prevention

03Custom user models with email authentication and Argon2/BCrypt hashing

0443,117 GitHub stars

05Production-hardened settings and security header configurations

06Secure file upload validation and API rate limiting strategies

Use Cases

01Auditing and remediating security vulnerabilities in legacy Django projects

02Preparing a Django application for production deployment

03Implementing complex multi-role authorization systems

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add affaan-m/everything-claude-code django-security

For use in Claude.ai and ChatGPT

Download Skill