security-headers
Security Headers Validation
I'll analyze and implement web security headers (CSP, HSTS, X-Frame-Options, etc.) to protect against common attacks.
Arguments: $ARGUMENTS - URL to check, or framework for configuration generation
Security Headers Overview
Essential Headers:
- Content-Security-Policy (CSP) - Prevent XSS and injection attacks
- Strict-Transport-Security (HSTS) - Enforce HTTPS
- X-Frame-Options - Prevent clickjacking
- X-Content-Type-Options - Prevent MIME sniffing
- Referrer-Policy - Control referrer information
- Permissions-Policy - Feature access control
Token Optimization:
- ✅ Bash-based curl for header inspection (external tool, minimal Claude tokens)
- ✅ Framework detection via package.json grep (no file reads)
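
An added example, not part of the skill's own code: a shell function that reads `curl -sI` output and reports which of the six headers listed above are missing from the final response. The function name `missing_headers` and the sample response are constructed for illustration.

```shell
#!/bin/sh
# Audit raw response headers (as printed by `curl -sI` or `curl -sIL`)
# for the six headers in the "Essential Headers" list.

REQUIRED_HEADERS="content-security-policy strict-transport-security x-frame-options x-content-type-options referrer-policy permissions-policy"

# Reads response headers on stdin.
# Prints one missing header name per line; prints nothing if all are present.
missing_headers() {
  awk -v required="$REQUIRED_HEADERS" '
    { sub(/\r$/, "") }                        # curl output keeps CRLF line endings
    /^HTTP\// { split("", seen); next }       # new status line (redirect hop): reset
    {
      i = index($0, ":")
      if (i > 1) seen[tolower(substr($0, 1, i - 1))] = 1   # names are case-insensitive
    }
    END {
      n = split(required, want, " ")
      for (k = 1; k <= n; k++) if (!(want[k] in seen)) print want[k]
    }'
}

# Constructed sample: a redirect hop followed by the final response.
# X-Frame-Options appears only on the redirect, so it must still be reported.
SAMPLE_RESPONSE=$(printf '%s\r\n' \
  'HTTP/1.1 301 Moved Permanently' \
  'Location: https://example.test/' \
  'X-Frame-Options: DENY' \
  '' \
  'HTTP/1.1 200 OK' \
  'Content-Type: text/html' \
  'strict-transport-security: max-age=31536000' \
  'X-Content-Type-Options: nosniff' \
  'Referrer-Policy: no-referrer')

# Live use:  curl -sIL "$url" | missing_headers
# Offline:   printf '%s\n' "$SAMPLE_RESPONSE" | missing_headers
```

Only the last response block counts, because headers sent on a redirect hop do not protect the page the browser finally renders.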