nestjs-security
Installation
SKILL.md
NestJS Security Standards
Priority: P0 (CRITICAL)
Workflow: Secure NestJS Application
- Add Helmet —
app.use(helmet())inmain.tsfor HSTS, CSP headers. - Configure JWT strategy — Use
passport-jwtwith RS256; validateissandaudclaims. - Bind global AuthGuard — Register as
APP_GUARD; use@Public()for open routes. - Add throttling — Enable
@nestjs/throttlerwith Redis store for rate limiting. - Hash with Argon2id — Replace bcrypt with
argon2.hash(password, { type: argon2.argon2id }). - Verify — Run
npm audit --prodand test that unauthenticated requests return 401.