validating-csrf-protection
SolidThis skill helps to identify Cross-Site Request Forgery (CSRF) vulnerabilities in web applications. It validates the implementation of CSRF protection mechanisms, such as synchronizer tokens, double-submit cookies, SameSite attributes, and origin validation. Use this skill when you need to analyze your application's security posture against CSRF attacks or when asked to "validate csrf", "check for csrf vulnerabilities", or "test csrf protection".
Install
Quality Score: 93/100
Skill Content
Details
- Author
- jeremylongshore
- Repository
- jeremylongshore/claude-code-plugins-plus-skills
- Created
- 7 months ago
- Last Updated
- today
- Language
- Python
- License
- MIT
Integrates with
Similar Skills
Semantically similar based on skill content — not just same category
validating-cors-policies
This skill enables Claude to validate Cross-Origin Resource Sharing (CORS) policies. It uses the cors-policy-validator plugin to analyze CORS configurations and identify potential security vulnerabilities. Use this skill when the user requests to "validate CORS policy", "check CORS configuration", "analyze CORS headers", or asks about "CORS security". It helps ensure that CORS policies are correctly implemented, preventing unauthorized cross-origin requests and protecting sensitive data.
csrf-protection-validator
Validate csrf protection validator operations. Auto-activating skill for Security Fundamentals. Triggers on: csrf protection validator, csrf protection validator Part of the Security Fundamentals skill category. Use when working with csrf protection validator functionality. Trigger with phrases like "csrf protection validator", "csrf validator", "csrf".
validating-authentication-implementations
This skill enables Claude to validate authentication implementations against security best practices and industry standards. It analyzes various authentication methods, including JWT, OAuth, session-based authentication, and API keys. Use this skill when you need to perform an authentication security check, assess password policies, evaluate MFA implementation, or analyze session security. Trigger this skill with phrases like "validate authentication," "authentication check," or "authcheck."
performing-security-testing
This skill automates security vulnerability testing. It is triggered when the user requests security assessments, penetration tests, or vulnerability scans. The skill covers OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, authentication issues, and authorization flaws. Use this skill when the user mentions "security test", "vulnerability scan", "OWASP", "SQL injection", "XSS", "CSRF", "authentication", or "authorization" in the context of application or API testing.
scanning-input-validation-practices
This skill enables Claude to automatically scan source code for potential input validation vulnerabilities. It identifies areas where user-supplied data is not properly sanitized or validated before being used in operations, which could lead to security exploits like SQL injection, cross-site scripting (XSS), or command injection. Use this skill when the user asks to "scan for input validation issues", "check input sanitization", "find potential XSS vulnerabilities", or similar requests related to securing user input. It is particularly useful during code reviews, security audits, and when hardening applications against common web vulnerabilities. The skill leverages the input-validation-scanner plugin to perform the analysis.