secure-coding


Secure Coding

OWASP Secure Coding Practices

Input Validation

  • Validate All Input: Validate all input from untrusted sources (user input, APIs, files)
  • Whitelist Approach: Use whitelisting (allow-list) instead of blacklisting
  • Validate Type, Length, Format: Validate data type, length, and format
  • Sanitize Output: Encode output to prevent injection attacks
  • Canonicalize Input: Canonicalize input before validation to prevent bypasses

Output Encoding

  • Context-Specific Encoding: Use encoding appropriate for the context (HTML, JavaScript, URL, CSS)
  • Encode User-Generated Content: Encode all user-generated content before output
  • Use Framework Encoding: Use framework-provided encoding functions
  • Avoid Manual Encoding: Avoid manual encoding as it's error-prone
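
The two lists above, combined into one added example (not code from the skill or its repository): input is canonicalized before the allow-list check, and output is encoded per context with standard-library encoders. The username policy, the reserved-name list and all function names are assumptions made for illustration.

```python
import html
import re
import unicodedata
from urllib.parse import quote

# Assumed policy for this example: 3-20 chars of lowercase ASCII, digits, underscore.
USERNAME_RE = re.compile(r"[a-z0-9_]{3,20}")
RESERVED = {"admin", "root", "support"}  # constructed sample list
MAX_RAW_LEN = 64

def canonicalize(raw: str) -> str:
    """Fold compatibility forms (fullwidth letters, ligatures) and case to one form."""
    return unicodedata.normalize("NFKC", raw).casefold()

def reserved_check_on_raw(raw: str) -> bool:
    """Flawed order: compares the raw string, so look-alike forms slip past."""
    return raw in RESERVED

def validate_username(raw) -> str:
    """Type, length, canonical form, then allow-list format; returns the canonical name."""
    if not isinstance(raw, str):
        raise ValueError("username must be a string")
    if len(raw) > MAX_RAW_LEN:
        raise ValueError("username too long")
    name = canonicalize(raw)
    if not USERNAME_RE.fullmatch(name):
        raise ValueError("username has characters outside the allow-list")
    if name in RESERVED:
        raise ValueError("username is reserved")
    return name

def encode_for(context: str, value: str) -> str:
    """Encode at output time with the standard-library encoder for the target context."""
    if context == "html":
        return html.escape(value, quote=True)
    if context == "url":
        return quote(value, safe="")
    raise ValueError(f"no encoder registered for context {context!r}")

if __name__ == "__main__":
    fullwidth = "\uff41\uff44\uff4d\uff49\uff4e"  # constructed input: fullwidth "admin"
    print(reserved_check_on_raw(fullwidth))        # raw comparison misses it
    try:
        validate_username(fullwidth)
    except ValueError as exc:
        print("rejected:", exc)
    print(encode_for("html", 'Tom & "Jerry" <b>'))
    print(encode_for("url", 'Tom & "Jerry" <b>'))
```

Store and compare only the value returned by validate_username, so every later check sees the same canonical form.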
First Seen
Feb 14, 2026
secure-coding — davincidreams/agent-team-plugins