web-security
Web Security
We treat web security as a core requirement, not an afterthought. Assume hostile input and untrusted environments by default.
Core Principles
- NEVER trust user input
- ALWAYS validate and sanitize data at boundaries
- Prefer secure defaults over configurability
XSS & Injection
- AVOID dangerouslySetInnerHTML and raw HTML injection
- Escape and encode dynamic content properly
- Never interpolate untrusted data into HTML, CSS, or JS contexts
- Ensure SQL injection protection
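An added example, not part of the original skill file: one encoder per output context (HTML text and attributes, URL attributes, inline script data), shown beside the raw interpolation the rules above forbid. The helper names (escapeHtml, jsonForScript, safeHref, renderUnsafe, renderSafe), the window.__STATE__ variable and the sample input are assumptions made for illustration.

```javascript
// Constructed hostile-looking input, used only to exercise the encoders.
const untrusted = `</script><b title="x">Tom & Jerry's</b>`;

// HTML text / quoted-attribute context: encode the five significant characters.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Inline <script> data context: JSON.stringify alone leaves "</script>" intact,
// so <, >, & and U+2028/U+2029 are rewritten as \uXXXX escapes.
const JS_ESCAPES = {
  '<': '\\u003c', '>': '\\u003e', '&': '\\u0026', '\u2028': '\\u2028', '\u2029': '\\u2029',
};
function jsonForScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g, (ch) => JS_ESCAPES[ch]);
}

// URL attribute context: encoding is not enough, the scheme must be allow-listed.
// Assumption for this sketch: only absolute http(s) links are accepted.
function safeHref(value) {
  try {
    const url = new URL(String(value));
    return ['http:', 'https:'].includes(url.protocol) ? escapeHtml(url.href) : '#';
  } catch {
    return '#';
  }
}

// Unsafe: raw interpolation lets the value close the attribute and add markup.
function renderUnsafe(name) {
  return `<div title="${name}">${name}</div>`;
}

// Safe: every value is encoded for the context it lands in.
function renderSafe(name, link, state) {
  return `<a href="${safeHref(link)}" title="${escapeHtml(name)}">${escapeHtml(name)}</a>` +
    `<script>window.__STATE__ = ${jsonForScript(state)};</script>`;
}

console.log(renderUnsafe(untrusted));
console.log(renderSafe(untrusted, 'https://example.com/?a=1&b=2', { name: untrusted }));
```

In a React codebase, JSX text and attribute interpolation already performs the escapeHtml step; the script-data and URL-scheme checks still have to be done explicitly.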
Authentication & Authorization