rails-ai:security

Community

Secure Rails apps with defense-in-depth.

Author: zerobearing2
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

This Skill helps developers secure Rails applications by providing patterns, examples, and checks to prevent common vulnerabilities such as XSS, CSRF, SQL injection, and insecure file uploads.

Core Features & Use Cases

  • XSS Prevention: Rails auto-escaping in templates, sanitization, and CSP guidance to block script injections.
  • CSRF Protection: Rails' built-in CSRF protection, form_with helpers, and safe AJAX patterns.
  • SQL Injection Prevention: Use parameterized queries, hash conditions, and placeholders to prevent data leaks.
  • Secure File Uploads: Use ActiveStorage with content-type validation, size limits, and safe serving to prevent malicious uploads.
  • Use Case: Secure a user-facing Rails app with user-generated content and file uploads, ensuring end-to-end security.

Quick Start

  • Enable CSRF protection in ApplicationController and ensure all forms use form_with.
  • Validate uploads with ActiveStorage validations (content_type and size) and serve files safely.
  • Use ActiveRecord query methods and hash conditions to avoid SQL injection.
  • Add security tests for XSS, CSRF, and injection vectors.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: rails-ai:security
Download link: https://github.com/zerobearing2/rails-ai/archive/main.zip#rails-ai-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.