security · listed

Application and server security — OWASP Top 10, WordPress hardening, server hardening (UFW/fail2ban), SSL/TLS, secrets management, WAF
veekunth217/claude-scaffold-skill · ★ 2 · Data & Documents · score 74
Install: claude install-skill veekunth217/claude-scaffold-skill
# Security Skill

Application security, server hardening, and secrets management — from OWASP Top 10 mitigations to production WAF configuration.

**RULE: Security changes are high-impact. Always show what will change, explain the risk being mitigated, and wait for GO.**

> **🚧 Status: Stub — implementation pending**
>
> This reference skill has the structure but the snippet content is still being filled in
> (you'll see `<!-- TODO -->` placeholders below). It activates and tells Claude the topic
> exists, but won't yield deep snippets yet.
>
> **Want to help?** Pick any TODO, write the snippet, open a PR. See [CONTRIBUTING.md](../../CONTRIBUTING.md).
> Each contribution moves the skill closer to "Ready" status.

---

## Capabilities

### OWASP Top 10

<!-- TODO: Injection (SQL, command, LDAP) — prevention patterns per language -->
<!-- TODO: Broken access control — authz checks, IDOR prevention -->
<!-- TODO: Cryptographic failures — hashing (bcrypt/argon2), encryption at rest -->
<!-- TODO: XSS — CSP headers, output encoding, DOMPurify -->
<!-- TODO: Security misconfiguration — headers audit, error message leakage -->
<!-- TODO: Vulnerable components — npm audit, pip-audit, Dependabot -->

### WordPress Hardening

<!-- TODO: DISALLOW_FILE_EDIT, disable XML-RPC, hide WP version -->
<!-- TODO: Block /wp-login.php by IP at Nginx level -->
<!-- TODO: User enumeration prevention (?author=1 block) -->
<!-- TODO: Database prefix, secrets in wp-config.php above webroot -->
<!-- TODO