Can this skill help with database security?

Yes, it includes guidance on using parameterized queries and enabling Row Level Security (RLS) for platforms like Supabase to prevent unauthorized data access.

Does it include automated testing patterns?

It provides boilerplate code for testing authentication, authorization, input validation, and rate-limiting to ensure security persists through updates.

Does it support blockchain development?

The skill includes specialized checks for Solana development, focusing on wallet ownership verification and transaction validation to prevent blind signing.

How does this skill prevent sensitive data exposure?

It provides specific patterns for masking sensitive data in logs and ensuring that detailed error messages or stack traces are never exposed to the end-user.

Is the documentation localized?

Yes, this version of the security review skill is fully documented in Traditional Chinese (zh-TW) for developers in that region.

Security Review (zh-TW)

Name: Security Review (zh-TW)
Author: affaan-m

byaffaan-m

•

43,117

•

Security & Testing

Audits source code for potential vulnerabilities and enforces industry-standard security best practices across the full development stack.

The Security Review skill provides a comprehensive framework for identifying and mitigating security risks within Claude Code projects. It offers detailed checklists and implementation patterns for critical areas including secret management, input validation, SQL injection prevention, and secure authentication flows. Specifically localized in Traditional Chinese, it guides developers through complex security tasks like setting up Content Security Policies (CSP), implementing Row Level Security (RLS) in Supabase, and validating blockchain transactions, ensuring applications remain robust against the OWASP Top 10 threats.

Key Features

01Secure authentication and authorization patterns using JWT and httpOnly cookies

02Schema-based input validation and secure file upload handling patterns

03Secret management validation to prevent hardcoded API keys and credentials

0443,117 GitHub stars

05Comprehensive defenses against XSS, CSRF, and API rate-limiting attacks

06Parameterized query enforcement to mitigate SQL injection risks

Use Cases

01Implementing secure data handling and privacy controls for sensitive user information

02Performing a pre-deployment security audit on new API endpoints and authentication logic

03Validating blockchain wallet signatures and transaction integrity for Solana-based applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add affaan-m/everything-claude-code security-review

For use in Claude.ai and ChatGPT

Download Skill