Skills
.Work. You
Rest

cwe-295-insecure-tls-trust-manager

Official

Secure TLS/SSL configurations in Java.

Software Engineering#security#remediation#java#sast#tls#ssl#cwe-295
AuthorDevelopersCoffee
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill addresses critical security vulnerabilities arising from insecure TLS/SSL configurations in Java applications, preventing man-in-the-middle attacks and ensuring secure communication.

Core Features & Use Cases

  • Vulnerability Remediation: Identifies and fixes insecure TLS/SSL patterns, such as overly permissive TrustManagers and HostnameVerifiers.
  • Secure Defaults: Guides users to implement industry-standard secure practices for certificate validation and hostname verification.
  • Use Case: A Java application is failing security audits due to a custom TrustManager that accepts all certificates. This Skill provides the correct implementation using the system's default trust store and a secure HostnameVerifier.

Quick Start

Use the cwe-295-insecure-tls-trust-manager skill to secure the TLS configuration in the provided Java code.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: cwe-295-insecure-tls-trust-manager
Download link: https://github.com/DevelopersCoffee/java-cwe-security-skills/archive/main.zip#cwe-295-insecure-tls-trust-manager

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.