Secure coding, OWASP guidance, input validation, cryptography, authentication, and secrets management for secure application development.
npx claudepluginhub sethdford/claude-skills --plugin security-secure-development
Audit authentication and authorization implementation for compliance with secure design principles.
Check application against OWASP Top 10 and identify gaps in critical security controls.
Conduct a comprehensive security code review examining OWASP Top 10, secure coding patterns, input validation, and cryptography.
Design secure authentication systems with strong password policies, MFA, secure password reset, and session management.
Design authorization systems (access control, role-based permissions, principle of least privilege) to enforce fine-grained access policies.
Select appropriate cryptographic algorithms and parameters for encryption, hashing, key derivation, and digital signatures.
Design and implement input validation patterns (whitelisting, boundary checks, type validation) to prevent injection and buffer overflow attacks.
Implement context-specific output encoding to prevent XSS and injection attacks. Encode HTML, URL, JavaScript, and other contexts appropriately.
Audit application architecture and code against OWASP Top 10 vulnerabilities. Use when assessing application security posture and prioritizing fixes.
Manage API keys, credentials, and secrets securely using vaults, environment variables, and rotation policies. Prevent secrets from being committed to code or exposed in logs.
Review code systematically for security vulnerabilities using OWASP Top 10, secure coding patterns, and static analysis best practices. Use when reviewing pull requests, conducting security code reviews, or implementing secure development practices.
Implement secure session handling with proper token generation, storage, expiry, CSRF protection, and session invalidation.