How does this skill help with SQL injection?

It identifies vulnerable string interpolation in database queries and provides templates for implementing parameterized queries to prevent injection attacks.

Is it compatible with Python and JavaScript?

Yes, the skill provides security patterns for common frameworks across both ecosystems, including FastAPI, Flask, and Node.js.

Can it audit my existing authentication logic?

Yes, the skill reviews your auth patterns against OWASP standards, checking for broken access control, weak hashing, and insecure token handling.

Does it support JWT security?

Absolutely. It includes detailed patterns for hardened JWT implementation, including algorithm enforcement, claim validation, and sidejacking protection.

OWASP Top 10 Security

Name: OWASP Top 10 Security
Author: yonatangross

byyonatangross

•

Security & Testing

Safeguards web applications by auditing code for the ten most critical security vulnerabilities and implementing industry-standard mitigations.

The OWASP Top 10 skill empowers developers to proactively secure their applications against the most prevalent and dangerous web vulnerabilities. By providing context-aware guidance and production-ready code patterns, it helps identify and fix issues like SQL injection, broken access control, and insecure JWT implementations. Whether you are conducting a security audit, setting up new authentication flows, or reviewing legacy code, this skill ensures your project aligns with global security best practices and modern defensive programming standards.

Key Features

01Production-ready security configurations for frameworks like FastAPI and Flask.

02Integrated security checklists for deployment and dependency scanning.

03Hardened JWT implementation patterns with sidejacking protection.

0469 GitHub stars

05Comprehensive vulnerability identification based on the latest OWASP Top 10 risks.

06Actionable code fixes for injection, broken access control, and cryptographic failures.

Use Cases

01Implementing secure authentication and authorization flows with JWT and argon2 hashing.

02Identifying and remediating SQL injection and Server-Side Request Forgery (SSRF) risks.

03Performing comprehensive security audits on existing web application codebases.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add yonatangross/orchestkit owasp-top-10

For use in Claude.ai and ChatGPT

Download Skill