AgentSkillsCN

agent-security-review

在添加身份验证、处理用户输入、管理机密信息、创建 API 端点,或实现支付功能及敏感功能时,可使用此技能。该技能提供全面的安全检查清单与最佳实践方案。

SKILL.md
--- frontmatter
name: agent-security-review
description: Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns.
author: affaan-m
version: 4.1.0-fractal

Security Review Skill

This skill ensures all code follows security best practices and identifies potential vulnerabilities.

When to Activate

  • Implementing authentication or authorization
  • Handling user input or file uploads
  • Creating new API endpoints
  • Working with secrets or credentials
  • Implementing payment features
  • Storing or transmitting sensitive data
  • Integrating third-party APIs

Security Checklist

🧠 Knowledge Modules (Fractal Skills)

1. 1. Secrets Management

2. 2. Input Validation

3. 3. SQL Injection Prevention

4. 4. Authentication & Authorization

5. 5. XSS Prevention

6. 6. CSRF Protection

7. 7. Rate Limiting

8. 8. Sensitive Data Exposure

9. 9. Blockchain Security (Solana)

10. 10. Dependency Security

11. Automated Security Tests