security-review
Comprehensive security checklist and patterns for authentication, input validation, and sensitive data handling.
- Covers 10 core security areas: secrets management, input validation, SQL injection prevention, authentication/authorization, XSS prevention, CSRF protection, rate limiting, sensitive data exposure, blockchain wallet verification, and dependency security
- Includes concrete code examples for each vulnerability type, showing both unsafe and secure patterns with TypeScript and Next.js
- Provides pre-deployment checklist with 17 verification items and automated security test examples for authentication, authorization, input validation, and rate limiting
- Supports multiple platforms: traditional web apps, Supabase with Row Level Security, and Solana blockchain transactions
Security Review Skill
This skill ensures all code follows security best practices and identifies potential vulnerabilities.
When to Activate
- Implementing authentication or authorization
- Handling user input or file uploads
- Creating new API endpoints
- Working with secrets or credentials
- Implementing payment features
- Storing or transmitting sensitive data
- Integrating third-party APIs
Security Checklist
1. Secrets Management
❌ NEVER Do This
More from sickn33/antigravity-awesome-skills
docker-expert
You are an advanced Docker containerization expert with comprehensive, practical knowledge of container optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies based on current industry best practices.
15.0Knodejs-best-practices
Node.js development principles and decision-making. Framework selection, async patterns, security, and architecture. Teaches thinking, not copying.
11.2Ktypescript-expert
TypeScript and JavaScript expert with deep knowledge of type-level programming, performance optimization, monorepo management, migration strategies, and modern tooling.
8.3Kapi-security-best-practices
Implement secure API design patterns including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabilities
7.0Kclean-code
This skill embodies the principles of \"Clean Code\" by Robert C. Martin (Uncle Bob). Use it to transform \"code that works\" into \"code that is clean.\"
6.5Knextjs-best-practices
Next.js App Router principles. Server Components, data fetching, routing patterns.
5.1K