From devloop
Provides an OWASP Top 10-based security checklist for code reviews on input validation, authentication, authorization, data protection, secure headers, and preventing XSS, SQL injection, CSRF.
npx claudepluginhub zate/cc-plugins --plugin devloop
This skill uses the workspace's default tool permissions.
Security review checklist based on OWASP Top 10.
Audits code security using OWASP Top 10 checklists for input validation, auth/authz, API security, data protection, and logging. Use for secure implementations and vulnerability reviews.
Provides OWASP Top 10 guidance and stack-agnostic principles for secure web apps. Use for code security reviews, auth/authorization implementation, secrets/API key handling, security headers, injection prevention (SQL/XSS/CSRF), and audits.
Conducts security reviews using checklists and patterns for authentication, user input, secrets, API endpoints, SQL injection, XSS/CSRF, and rate limiting.
Security review checklist based on OWASP Top 10.
```
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
```
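
During a review, the four headers above can be checked mechanically against a captured response. The following is an added example, not part of the devloop skill; `parse_headers`, `audit_headers` and the sample response are hypothetical and constructed for illustration.

```python
import re

# Constructed sample response head (not captured traffic).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "content-type: text/html\r\n"
    "Content-Security-Policy: default-src 'self' https://cdn.example\r\n"
    "x-content-type-options: NoSniff\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "Strict-Transport-Security: max-age=86400; includeSubDomains\r\n"
    "\r\n<html></html>"
)
MIN_HSTS_AGE = 31536000  # max-age value from the checklist (one year)

def parse_headers(raw):
    """Map lowercased header names to their values from a raw response head."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit_headers(raw):
    """Return a list of deviations from the checklist's four headers."""
    h, findings = parse_headers(raw), []
    # CSP: locate the default-src directive and compare its source list.
    sources = None
    for directive in ";".join(h.get("content-security-policy", [])).split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "default-src":
            sources = parts[1:]
            break
    if sources is None:
        findings.append("CSP: no default-src directive")
    elif sources != ["'self'"]:
        findings.append("CSP: default-src is not exactly 'self'")
    # Header names and these two values are compared case-insensitively.
    if [v.lower() for v in h.get("x-content-type-options", [])] != ["nosniff"]:
        findings.append("X-Content-Type-Options: expected nosniff")
    if [v.upper() for v in h.get("x-frame-options", [])] != ["DENY"]:
        findings.append("X-Frame-Options: expected DENY")
    # HSTS: require a max-age of at least the checklist value.
    hsts = h.get("strict-transport-security", [""])[0]
    m = re.search(r'max-age\s*=\s*"?(\d+)', hsts, re.I)
    if not m or int(m.group(1)) < MIN_HSTS_AGE:
        findings.append("Strict-Transport-Security: max-age below 31536000 or missing")
    return findings
```
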
| Vuln | Prevention |
|---|---|
| SQL Injection | Parameterized queries |
| XSS | Output encoding |
| CSRF | CSRF tokens |
| Secrets | Environment variables |