security-checklist

This skill should be used for OWASP, security review, authentication, XSS, SQL injection prevention, CSRF, input validation, secure coding, vulnerability scanning

Updated 2/11/2026

SKILL.md

Security Checklist

Security review checklist based on OWASP Top 10.

Input Validation

  • Validate all user input
  • Use parameterized queries (no SQL string concatenation)
  • Sanitize HTML output (prevent XSS)
  • Validate file uploads (type, size)

Authentication

  • Hash passwords (bcrypt, argon2)
  • Use secure session management
  • Implement rate limiting
  • Require strong passwords

Authorization

  • Check permissions on every request
  • Use principle of least privilege
  • Validate ownership of resources

Data Protection

  • Use HTTPS everywhere
  • Don't log sensitive data
  • Encrypt sensitive data at rest
  • No secrets in source code

Headers

Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000
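
To check a response against the four headers above, the following is an added example (not part of the skill's own files). The function names, the sample responses and the rule that `*` or `'unsafe-inline'` in `default-src` counts as too permissive are assumptions of this example.

```python
import re

HSTS_MIN_AGE = 31536000  # one year, the max-age listed in the Headers section

def parse_headers(raw):
    """Parse a raw header block into {lowercased-name: value}; last value wins."""
    headers = {}
    for line in raw.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip():
            headers[name.strip().lower()] = value.strip()
    return headers

def csp_directive(csp, directive):
    """Return the source list of one CSP directive, or None if absent."""
    for part in csp.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() == directive:
            return [t.lower() for t in tokens[1:]]
    return None

def audit(raw):
    """Sorted findings vs. the checklist baseline ('*'/'unsafe-inline' rule is assumed)."""
    h = parse_headers(raw)
    findings = []
    default_src = csp_directive(h.get("content-security-policy", ""), "default-src")
    if default_src is None:
        findings.append("csp: no default-src directive")
    elif "*" in default_src or "'unsafe-inline'" in default_src:
        findings.append("csp: default-src is too permissive")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("x-content-type-options: expected nosniff")
    if h.get("x-frame-options", "").upper() != "DENY":
        findings.append("x-frame-options: expected DENY")
    m = re.search(r"max-age\s*=\s*\"?(\d+)", h.get("strict-transport-security", ""), re.I)
    if not m or int(m.group(1)) < HSTS_MIN_AGE:
        findings.append("strict-transport-security: max-age missing or below one year")
    return sorted(findings)

# Constructed sample responses (not captured from a real site).
GOOD = """Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000"""
WEAK = """content-security-policy: img-src *; default-src 'self' 'unsafe-inline'
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=3600; includeSubDomains"""

if __name__ == "__main__":
    print(audit(GOOD), audit(WEAK))
```

An empty list means the response meets the baseline; header names are matched case-insensitively, so a lowercased `content-security-policy` is still recognised.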

Common Vulnerabilities

Vuln | Prevention
SQL Injection | Parameterized queries
XSS | Output encoding
CSRF | CSRF tokens
Secrets | Environment variables

Install

Requires askill CLI v1.0+

AI Quality Score

75/100, analyzed 2/20/2026

Solid security checklist skill covering OWASP Top 10 categories with clear structure, whenToUse/whenNotToUse sections, and helpful examples like CSP headers. Score slightly lowered by 'context: fork' suggesting project-specific customization and depth of path (plugins/devloop/skills/). Content is actionable and reusable but could benefit from more detailed guidance for each checklist item.


Metadata

License: unknown
Version: -
Updated: 2/11/2026
Publisher: Zate

Tags

api, database, security