hoangnguyen0403-typescript-security

Installation
SKILL.md

TypeScript Security

Priority: P0 (CRITICAL)

Security standards for TypeScript applications based on OWASP guidelines.

Implementation Guidelines

  • Validation: Validate all inputs with zod/joi/class-validator.
  • Sanitization: Use DOMPurify for HTML. Prevent XSS.
  • Secrets: Use env vars. Never hardcode.
  • SQL Injection: Use parameterized queries or ORMs (Prisma/TypeORM).
  • Auth: Use bcrypt for hashing. Implement strict RBAC.
  • HTTPS: Enforce HTTPS. Set secure, httpOnly, sameSite cookies.
  • Rate Limit: Prevent brute-force/DDoS.
  • Deps: Audit with npm audit.

Anti-Patterns

Installs
First Seen
hoangnguyen0403-typescript-security — smithery/ai