general-frontend-security · listed

Framework-agnostic frontend security guide based on OWASP Secure Coding Practices. Covers XSS prevention, CSRF protection, Content Security Policy (CSP), secure cookie configuration, client-side authentication patterns, input validation, secure storage, and security headers. Activates for security audits, vulnerability reviews, XSS, CSRF, CSP, injection, security headers, or browser security questions in any web application. NOT for backend/NestJS security (use generating-nest-servers). NOT for Nuxt-specific implementation (use developing-lt-frontend).
lenneTech/claude-code · ★ 0 · Web & Frontend · score 75
Install: claude install-skill lenneTech/claude-code
# General Frontend Security

Framework-agnostic security practices for web applications based on OWASP guidelines.

## When to Use This Skill

- Reviewing frontend code for security vulnerabilities
- Implementing client-side authentication flows
- Setting up secure cookie handling
- Configuring Content Security Policy
- Auditing third-party dependencies
- General frontend security questions

## Skill Boundaries

| User Intent | Correct Skill |
|------------|---------------|
| "XSS prevention best practices" | **THIS SKILL** |
| "Security audit of frontend" | **THIS SKILL** |
| "Configure CSP headers" | **THIS SKILL** |
| "Build a secure login page in Nuxt" | developing-lt-frontend |
| "Fix @Restricted decorator in NestJS" | generating-nest-servers |
| "Run npm audit fix" | maintaining-npm-packages |

## Related Skills & Commands

| Command | Purpose |
|---------|---------|
| `/lt-dev:review` | General security review of branch diff (framework-agnostic) |
| `/lt-dev:backend:sec-review` | Security review of backend code changes (auth, decorators, models) |
| `/lt-dev:backend:sec-audit` | Full OWASP security audit (dependencies, config, code) |

## Framework-Specific References

| Framework | Reference File |
|-----------|---------------|
| Nuxt/Vue | See `developing-lt-frontend` skill (reference/security.md) |
| Angular | [angular-security.md](${CLAUDE_SKILL_DIR}/angular-security.md) |

## Key Principles

1. **Never trust client-side validation** - Server must always verify
2.