Input Validation Skill
Purpose
Defines input validation and sanitization patterns for preventing security vulnerabilities and ensuring data integrity.
Core Principles
- Validate all input — Never trust user-supplied data
- Allowlist over denylist — Define what IS allowed
- Validate on server-side — Client-side validation is UX only
- Encode output — Context-appropriate encoding
- Fail securely — Reject invalid input with safe defaults
HTML/Static Site Validation
- Sanitize any user-generated content before rendering
- Use `textContent` instead of `innerHTML` when possible
- Escape HTML entities (`&`, `<`, `>`, `"`, `'`)
- Validate URL inputs (protocol allowlist: https only)
- Use Content Security Policy (CSP) headers
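The escaping and URL-allowlist items above, combined for the case where markup is built as a string (for example at static-site build time) and `textContent` is not available. This is an added example, not code from the skill or its repository; the names `escapeHtml`, `safeHttpsUrl` and `renderLink` and the sample inputs are assumptions made for illustration.

```javascript
// Added example: function names and sample data are illustrative, not the project's API.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters listed above; safe for HTML text and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Allowlist, not denylist: only schemes named here are accepted.
const ALLOWED_PROTOCOLS = new Set(['https:']);

// Return the normalized absolute URL if its scheme is allowed, otherwise null.
function safeHttpsUrl(input) {
  if (typeof input !== 'string') return null;
  let url;
  try {
    url = new URL(input.trim()); // throws on relative or malformed input
  } catch {
    return null; // fail securely: unparseable input is rejected
  }
  // The URL parser lowercases the scheme, so mixed-case variants are compared correctly.
  return ALLOWED_PROTOCOLS.has(url.protocol) ? url.href : null;
}

// Build a link from an untrusted label and URL; fall back to inert escaped text.
function renderLink(label, href) {
  const text = escapeHtml(label);
  const url = safeHttpsUrl(href);
  if (url === null) return `<span>${text}</span>`;
  return `<a href="${escapeHtml(url)}" rel="noopener noreferrer">${text}</a>`;
}

// Constructed sample input: one accepted link, two rejected ones.
const samples = [
  ['Committee report', 'https://example.org/doc?id=1&lang=sv'],
  ['Plain HTTP', 'http://example.org/'],
  ['<b>Relative</b>', '/local/path'],
];
for (const [label, href] of samples) {
  console.log(renderLink(label, href));
}
```

Encoding happens at output time and validation at input time; the CSP header from the last list item remains a separate layer on top of both.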