secure-node-typescript

Secure Node.js TypeScript

Overview

Write secure-by-default Node.js and TypeScript applications that neutralize common server-side threats. This skill provides security guidelines organized by domain, with inline patterns for the most critical controls.

All guidelines are mapped to OWASP Top 10:2025 categories for compliance tracking and audit purposes. See references/security-index.md for the complete OWASP mapping.

Security Tiers

Apply guidelines based on the code context:

| Tier | When to Apply | Key Focus Areas |
|------|---------------|-----------------|
| Always | All Node.js/TS code | Strict TypeScript, input validation, no hardcoded secrets, safe error handling |
| API/HTTP | Web endpoints, middleware | Headers (helmet), rate limiting, CORS, body limits, Content-Type validation |
| Auth | Authentication features | Password hashing (argon2), JWT validation, secure cookies, RBAC |
| Data | External data processing | SQL injection, XSS sanitization, prototype pollution, schema validation |
| Runtime | Dynamic code, processes | No eval, safe child_process, path traversal prevention |
Repository
joacod/skills
First Seen
Jan 26, 2026