Security Patterns

Systematic approach to identifying and remediating security vulnerabilities. Use this skill when:

• Reviewing code for security vulnerabilities
• Conducting security audits
• Implementing authentication, authorization, or data handling
• Assessing third-party dependencies

OWASP Top 10 (2021) Quick Detection

A01: Broken Access Control

Detection patterns:

• Missing authorization checks on endpoints
• Direct object references without ownership validation
• Path traversal: ../ in file paths
• CORS with Access-Control-Allow-Origin: *
• JWT without signature verification