
security-sentinel (listed)

Use when working with authentication, API routes, user input, or sensitive data. Audits code for security vulnerabilities based on OWASP Top 10. Critical for payment processing, auth systems, and data handling.
aiskillstore/marketplace · ★ 329 · API & Backend · score 82
Install: claude install-skill aiskillstore/marketplace
# Security Sentinel (World-Class Security Skill)

## When to Use

**ALWAYS use this skill when:**

- Writing/reviewing API routes (especially POST/PATCH/PUT/DELETE)
- Implementing authentication or authorization
- Handling user input (forms, query params, file uploads)
- Working with database queries
- Processing file operations
- Managing environment variables and secrets
- Building payment processing features
- Implementing session management
- Handling sensitive data or encryption
- Before creating pull requests
- Before deployment

## Comprehensive Documentation

This skill includes complete security references:

### 📚 Core References (10,426 lines total)

1. **owasp-top-10-complete.md** (2,133 lines)
   - Complete OWASP Top 10 with code examples
   - A01: Broken Access Control (IDOR, path traversal)
   - A02: Cryptographic Failures (weak hashing, hardcoded secrets)
   - A03: Injection (SQL, NoSQL, Command injection)
   - A04: Insecure Design (race conditions, rate limiting)
   - A05: Security Misconfiguration (CORS, error messages)
   - A06: Vulnerable Components (dependency management)
   - A07: Authentication Failures (weak passwords, MFA)
   - A08: Integrity Failures (supply chain, deserialization)
   - A09: Logging Failures (audit trails, monitoring)
   - A10: SSRF (URL validation, IP blocking)
2. **authentication-patterns.md** (1,529 lines)
   - Complete authentication guide
   - JWT token authentication
   - Session-based authentication
   - Password hashing (bcrypt, Ar