From helloagents
Enforces secure coding practices for authentication (JWT, OAuth, passwords), input validation, file uploads, permissions, output protection (XSS/CSRF), and key management. Use for security-sensitive web code.
npx claudepluginhub hellowind777/helloagents --plugin helloagentsThis skill uses the workspace's default tool permissions.
安全相关代码必须遵循以下规范。
Implements authentication/authorization, secures user input, and prevents OWASP Top 10 vulnerabilities using bcrypt/argon2 hashing, parameterized SQL queries, Zod validation, JWT tokens, and CORS/CSP headers.
Implements authentication/authorization, secures user input against OWASP Top 10, and hardens code with bcrypt/argon2 hashing, parameterized SQL queries, Zod validation, JWT tokens, and CORS/CSP headers.
Conducts security reviews using checklists and patterns for authentication, user input, secrets, API endpoints, SQL injection, XSS/CSRF, and rate limiting.
Share bugs, ideas, or general feedback.
安全相关代码必须遵循以下规范。
先识别攻击面和信任边界,再写代码。