cwe-347-jwt-signature-bypass
OfficialSecure JWTs against signature bypass.
AuthorDevelopersCoffee
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses critical security vulnerabilities in Java applications by preventing JWT signature bypass, ensuring the integrity and authenticity of JSON Web Tokens.
Core Features & Use Cases
- Vulnerability Remediation: Fixes CWE-347 vulnerabilities related to improper JWT signature verification.
- Secure Token Handling: Implements robust JWT verification, including explicit rejection of the 'none' algorithm.
- Use Case: When a security audit flags potential JWT signature bypass issues in your Java backend, use this skill to automatically refactor the token verification logic to a secure standard.
Quick Start
Use the cwe-347-jwt-signature-bypass skill to secure the JWT verification logic in the provided Java code snippet.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: cwe-347-jwt-signature-bypass Download link: https://github.com/DevelopersCoffee/java-cwe-security-skills/archive/main.zip#cwe-347-jwt-signature-bypass Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.