What authentication methods does this skill support?

The skill supports multiple strategies including JWT (JSON Web Tokens) with secure cookie storage, session-based authentication using Redis, OAuth 2.0/OIDC flows, and secure API key management.

How does it handle sensitive data protection?

It provides implementation guides for bcrypt password hashing, AES-256-GCM encryption for PII at rest, and HSTS/HTTPS redirection to secure data in transit.

Can this skill help prevent brute-force attacks?

Yes, it includes patterns for implementing rate limiting at both global and endpoint-specific levels, specifically targeting sensitive routes like login and registration.

Does it provide guidance on CORS and security headers?

Absolutely. It includes production-ready configurations for CORS (Cross-Origin Resource Sharing) and Helmet.js integration to set critical security headers like CSP, HSTS, and X-Frame-Options.

Security Patterns

Name: Security Patterns
Author: CloudAI-X

byCloudAI-X

•

1,300

•

Security & Testing

Implements industry-standard security architectures for authentication, authorization, encryption, and application hardening.

Security Patterns provides a comprehensive library of implementation-ready blueprints for securing modern applications. It equips Claude with the expertise to design and code complex security features such as JWT and OAuth 2.0 flows, role-based access control (RBAC), secure password hashing with bcrypt, and sensitive data encryption at rest. By following these established patterns, developers can ensure their projects include critical defenses like rate limiting, CORS configuration, and security-hardened headers while systematically avoiding common anti-patterns and cryptographic vulnerabilities.

Key Features

01Standardized security header configurations and input validation patterns

02Comprehensive authentication strategies including JWT, OAuth 2.0, and API Keys

03Granular authorization models for RBAC and resource-level permission checks

04Secure cryptographic patterns for data encryption at rest and in transit

05Production-grade defensive middleware for rate limiting and CORS management

061,300 GitHub stars

Use Cases

01Building a secure user authentication system with refresh tokens and httpOnly cookies

02Implementing role-based access control to protect sensitive API endpoints and resources

03Hardening web applications against common vulnerabilities using security headers and rate limiting

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add cloudai-x/claude-workflow-v2 security-patterns

For use in Claude.ai and ChatGPT

Download Skill