security-best-practices
Security Best Practices
Apply these security principles when developing backend services, microservices, and any code handling sensitive data or external inputs.
Input Validation and Sanitization
- Apply input validation and sanitization rigorously, especially on inputs from external sources
- Validate all user inputs at the boundary of your application
- Use allowlists over denylists when validating input
- Sanitize data before storing or displaying to prevent injection attacks
- Implement strict type checking and schema validation
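A boundary validator that combines the allowlist, strict type checking, and schema points above. This is an added example, not part of the original skill; the field names, patterns, roles, and age limits are assumptions chosen for illustration.

```python
import re

# Hypothetical schema for a "create user" request (constructed for this example).
USERNAME_RE = re.compile(r"[a-z0-9_]{3,32}")   # allowlist of permitted characters
ROLES = frozenset({"viewer", "editor"})        # allowlist of permitted values

# field -> (exact type required, value check)
SCHEMA = {
    "username": (str, lambda v: USERNAME_RE.fullmatch(v) is not None),
    "role": (str, lambda v: v in ROLES),
    "age": (int, lambda v: 13 <= v <= 130),
}


class ValidationError(ValueError):
    """Raised when a payload does not match SCHEMA."""


def validate(payload):
    """Return a clean copy of payload, or raise ValidationError."""
    if type(payload) is not dict:
        raise ValidationError("payload must be an object")
    unknown = set(payload) - set(SCHEMA)
    if unknown:  # reject fields the schema does not name; no silent pass-through
        raise ValidationError(f"unexpected fields: {sorted(map(repr, unknown))}")
    clean = {}
    for field, (expected, check) in SCHEMA.items():
        if field not in payload:
            raise ValidationError(f"missing field: {field}")
        value = payload[field]
        # type() rather than isinstance(): bool is a subclass of int in Python,
        # so isinstance(True, int) would let True through as an age.
        if type(value) is not expected:
            raise ValidationError(f"{field}: expected {expected.__name__}")
        if not check(value):
            raise ValidationError(f"{field}: value not allowed")
        clean[field] = value
    return clean


def is_valid(payload):
    """Boolean wrapper around validate() for callers that only need a yes/no."""
    try:
        validate(payload)
        return True
    except ValidationError:
        return False
```

`fullmatch` matters here: `re.match` with a trailing `$` would accept a username ending in a newline, which the allowlist is meant to exclude.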
Authentication and Authorization
- Use secure defaults for JWT, cookies, and configuration settings
- Implement proper token expiration and refresh mechanisms
- Store secrets securely using environment variables or secret management services
- Never hardcode credentials or API keys in source code
- Use secure password hashing algorithms (bcrypt, Argon2)