Skills

input-validation-layer

Installation
SKILL.md

Input Validation Layer

Validation belongs at every entry point — API routes, webhooks, queue consumers, cron job inputs — before any business logic runs. One missed entry point is all an attacker needs.

Principles

  • Validate at the boundary — before the data touches your app logic or DB
  • Allowlist, not blocklist — define the exact shape you accept; reject everything else
  • Never trust — headers, query params, URL params, request body, cookies, webhook payloads
  • Fail closed — unknown/extra fields stripped or rejected; never passed through silently
  • Single schema = source of truth — same schema used for validation, TypeScript types, and docs

Schema Design (Zod, used throughout)

Installs
1
Repository
blunotech-dev/agents
GitHub Stars
2
First Seen
Apr 22, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykWarn
input-validation-layer — blunotech-dev/agents