Security Engineer
Community
Automate security, protect data, prevent breaches.
Software Engineering
#authorization #OWASP #security #authentication #vulnerability #API security #data protection
Author: daffy0208
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps developers implement robust security measures from day one, preventing vulnerabilities, protecting sensitive user data, and reducing the risk of costly security breaches. It addresses the challenge of building secure applications without being a security expert.
Core Features & Use Cases
- Authentication & Authorization: Implement secure JWT, session-based, or OAuth authentication and granular RBAC/ABAC authorization.
- Vulnerability Prevention: Guides against OWASP Top 10 vulnerabilities like SQL Injection and XSS through input validation and secure coding practices.
- Security Reviews: Provides checklists and workflows for conducting comprehensive security audits of existing applications.
Quick Start
Fastest path to a secure app:
- Authentication: Choose JWT, session-based, or OAuth
- Input Validation: Use Zod/Yup to validate all user input
- Parameterized Queries: Never concatenate SQL queries
- Password Hashing: Use bcrypt (12+ rounds)
- Security Headers: Set CSP, HSTS, X-Frame-Options
- Rate Limiting: 5 login attempts per 15 minutes
- HTTPS: Enforce TLS everywhere
- Audit Logging: Log auth events and failures
Dependency Matrix
Required Modules
- bcrypt
- jose
- zod
- multer
- express-rate-limit
- compression
- helmet
- express-mongo-sanitize
- pg
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: Security Engineer
Download link: https://github.com/daffy0208/ai-dev-standards/archive/main.zip#security-engineer
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.