Input Validation & Sanitization

About

This skill provides a comprehensive framework for Claude to handle untrusted user input securely across TypeScript and Python environments. It emphasizes a 'security-first' approach by focusing on server-side validation using Zod v4 and Pydantic. By implementing allowlist strategies, type coercion, and schema-driven development, it helps developers mitigate common security vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and malformed API requests, ensuring that application data remains clean and predictable.

Key Features

• Schema-driven validation using Zod v4 and Pydantic models
• Secure file upload validation including magic byte checking
• 29 GitHub stars
• Automatic type coercion for query parameters and form data
• Implementation of robust allowlist strategies over brittle blocklists
• Support for discriminated unions in complex data structures

Use Cases

• Securing FastAPI or Express.js API endpoints against malformed request bodies
• Implementing secure file upload handlers that verify actual content types
• Validating complex form submissions and URL query parameters in web applications