security-lens

Apply security awareness during code review and implementation. Catches common vulnerability classes without requiring a full security audit.

allowed_tools: Read, Grep, Glob

$ Install

git clone https://github.com/majiayu000/claude-skill-registry /tmp/claude-skill-registry && cp -r /tmp/claude-skill-registry/skills/security/security-lens ~/.claude/skills/claude-skill-registry

// tip: Run this command in your terminal to install the skill


name: security-lens
description: Apply security awareness during code review and implementation. Catches common vulnerability classes without requiring a full security audit.
allowed-tools:

  • Read
  • Grep
  • Glob

Security Awareness Lens

When reviewing or writing code, check for:

Input Handling

  • User input validated before use
  • SQL uses parameterized queries (never string concat)
  • HTML output escaped to prevent XSS
  • File paths validated (no path traversal)
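As an added illustration (example code, not part of the skill or its registry), the four Input Handling checks side by side in Python: the string-concatenation query the checklist forbids next to its parameterized form, HTML escaping with the standard library, and a path-containment check that rejects traversal. The in-memory table, its rows and the base directory are constructed for the example.

```python
import html
import os
import sqlite3

# Constructed in-memory database so the example runs offline.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
conn.executemany("INSERT INTO users (name) VALUES (?)", [("alice",), ("bob",)])
conn.commit()


def find_user_unsafe(name: str) -> list:
    """The 'never string concat' anti-pattern: user input is parsed as SQL."""
    sql = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(name: str) -> list:
    """Parameterized query: the driver binds the value, it is never parsed as SQL."""
    return conn.execute("SELECT id, name FROM users WHERE name = ?", (name,)).fetchall()


def render_greeting(name: str) -> str:
    """Escape before interpolating into HTML so markup in the input stays inert text."""
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


def resolve_under(base_dir: str, user_path: str) -> str:
    """Resolve user_path under base_dir and refuse anything that escapes it.

    realpath() collapses '..' and symlinks, so the containment test sees the
    real target; an absolute user_path also fails because join() discards base.
    """
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path traversal rejected: %r" % user_path)
    return target


if __name__ == "__main__":
    payload = "' OR '1'='1"
    print("unsafe:", find_user_unsafe(payload))   # every row comes back
    print("safe:  ", find_user_safe(payload))     # no row has that literal name
    print(render_greeting("<script>alert(1)</script>"))
    print(resolve_under("/var/www/uploads", "2024/report.pdf"))
    try:
        resolve_under("/var/www/uploads", "../../etc/passwd")
    except ValueError as exc:
        print(exc)
```

The containment check compares resolved paths rather than looking for ".." in the string, which is the variant that also catches encoded or symlinked detours.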

Authentication/Authorization

  • Auth checks at controller level, not just UI
  • Sensitive operations re-verify permissions
  • Session tokens are httpOnly, secure, sameSite
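An added example (not the skill's own code) of the Authentication/Authorization checks in Python: a decorator that enforces a permission inside the handler, so the check runs on every call regardless of what the UI hides, and a session cookie built with the three flags the checklist names. The principal table, the `Forbidden`/`Unauthenticated` exceptions and the `delete_invoice` handler are hypothetical.

```python
import functools
from http.cookies import SimpleCookie

# Constructed principal -> permission mapping; a real app loads this from its identity store.
PERMISSIONS = {
    "alice": {"invoice:read", "invoice:delete"},
    "bob": {"invoice:read"},
}


class Unauthenticated(Exception):
    pass


class Forbidden(Exception):
    pass


def requires(permission: str):
    """Enforce authorization in the handler itself, not only in the UI that calls it."""
    def decorator(handler):
        @functools.wraps(handler)
        def wrapper(request: dict, *args, **kwargs):
            user = request.get("user")
            if user is None:
                raise Unauthenticated("no authenticated principal on request")
            if permission not in PERMISSIONS.get(user, set()):
                raise Forbidden(f"{user} lacks {permission}")
            return handler(request, *args, **kwargs)
        return wrapper
    return decorator


@requires("invoice:delete")
def delete_invoice(request: dict, invoice_id: int) -> str:
    # Sensitive operation: the permission is re-verified on every call, so a
    # hand-crafted request that bypasses the UI still hits the same check.
    return f"deleted invoice {invoice_id}"


def session_cookie_header(token: str) -> str:
    """Build a Set-Cookie value carrying HttpOnly, Secure and SameSite."""
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["httponly"] = True      # not readable via document.cookie
    cookie["session"]["secure"] = True        # only sent over HTTPS
    cookie["session"]["samesite"] = "Strict"  # not attached to cross-site requests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    print(delete_invoice({"user": "alice"}, 7))
    for req in ({"user": "bob"}, {}):
        try:
            delete_invoice(req, 7)
        except (Forbidden, Unauthenticated) as exc:
            print(type(exc).__name__, exc)
    print("Set-Cookie:", session_cookie_header("abc123"))
```

`SameSite=Strict` is the most restrictive choice; an application that must accept top-level navigations from other sites with the session attached would use `Lax` instead. The flag that must not be negotiable is `HttpOnly`, which is what keeps an XSS from reading the token.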

Data Exposure

  • Logs don't contain secrets, tokens, PII
  • Error messages don't leak internal details
  • API responses don't include unnecessary fields
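An added example (not part of the skill) covering the three Data Exposure checks in Python: a logging filter that redacts bearer tokens, assigned secrets, e-mail addresses and SSN-shaped values before any handler writes the line; an error path that logs the full exception server-side but returns only a correlation id to the client; and an allow-list serializer so new internal columns never leak into API responses by default. The redaction patterns, log lines and user record are constructed for the example.

```python
import logging
import re
import uuid
from io import StringIO

# Constructed redaction patterns; extend with the token formats your services issue.
REDACTIONS = [
    (re.compile(r"(?i)(authorization:\s*bearer\s+)[A-Za-z0-9\-._~+/]+=*"), r"\1[REDACTED]"),
    (re.compile(r"(?i)((?:password|passwd|api[_-]?key|token)\s*[=:]\s*)\S+"), r"\1[REDACTED]"),
    (re.compile(r"[\w.+-]+@[\w-]+\.[\w.]+"), "[EMAIL]"),
    (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[SSN]"),
]


def redact(text: str) -> str:
    """Apply every redaction pattern, in order, to one log message."""
    for pattern, repl in REDACTIONS:
        text = pattern.sub(repl, text)
    return text


class RedactingFilter(logging.Filter):
    """Rewrite the fully formatted message so no handler ever sees the raw value."""
    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = ()   # already interpolated; prevents a second % formatting pass
        return True


def capture(message: str) -> str:
    """Log one message through a redacting handler and return the emitted line."""
    logger = logging.getLogger("security-lens-demo")
    logger.setLevel(logging.INFO)
    logger.propagate = False
    buf = StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    handler.addFilter(RedactingFilter())
    logger.handlers = [handler]
    logger.info(message)
    return buf.getvalue().strip()


def error_response(exc: Exception, log: logging.Logger) -> dict:
    """Log the real exception with a reference id; the client gets only the id."""
    ref = uuid.uuid4().hex[:12]
    log.error("ref=%s %s: %s", ref, type(exc).__name__, exc)
    return {"error": "internal error", "ref": ref}


# Hypothetical allow-list of fields a user record may expose over the API.
PUBLIC_USER_FIELDS = ("id", "display_name")


def public_view(user: dict) -> dict:
    """Serialize with an allow-list rather than stripping known-bad keys."""
    return {k: user[k] for k in PUBLIC_USER_FIELDS if k in user}


if __name__ == "__main__":
    print(capture("POST /login user=alice@example.com password=hunter2 "
                  "Authorization: Bearer eyJhbGciOi.abc"))
    print(error_response(KeyError("db_password"), logging.getLogger("demo")))
    print(public_view({"id": 1, "display_name": "Alice",
                       "email": "alice@example.com", "password_hash": "$2b$..."}))
```

Redaction at the logging layer is a safety net, not a substitute for never passing secrets to the logger; it catches the cases a reviewer misses.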

Secrets

  • No hardcoded credentials
  • Secrets from environment/vault, not config files
  • .gitignore covers .env, credentials
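An added example (not the skill's own code) for the Secrets checks in Python: a scanner that flags hardcoded credentials in source lines, a loader that reads a secret from the environment and fails closed rather than falling back to a config value, and a simplified .gitignore check. The patterns, the sample source lines and the .gitignore text are constructed; the `AKIA` prefix is the documented fixed prefix of AWS access key ids and the key id in the sample is AWS's published example value, not a real credential.

```python
import fnmatch
import os
import re
from typing import Iterable, List, Mapping, Tuple

# Constructed detection patterns; a production scanner would carry many more.
CREDENTIAL_PATTERNS = [
    ("aws access key id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("assigned password/secret",
     re.compile(r"(?i)(password|passwd|secret|api_key|token)\s*[=:]\s*['\"][^'\"]{4,}['\"]")),
    ("private key block", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]


def scan_source(lines: Iterable[str]) -> List[Tuple[int, str]]:
    """Return (line_no, label) for each line that looks like a hardcoded credential."""
    hits = []
    for n, line in enumerate(lines, 1):
        for label, pattern in CREDENTIAL_PATTERNS:
            if pattern.search(line):
                hits.append((n, label))
                break
    return hits


def load_secret(name: str, env: Mapping[str, str] = os.environ) -> str:
    """Read a secret from the environment; no default and no config-file fallback."""
    value = env.get(name)
    if not value:
        raise RuntimeError(f"required secret {name} is not set")
    return value


def gitignore_covers(gitignore_text: str, path: str) -> bool:
    """Simplified .gitignore check: literal names and '*' globs, matched against the
    full relative path and its basename. Negation and directory rules are not modelled."""
    base = os.path.basename(path)
    for raw in gitignore_text.splitlines():
        pattern = raw.strip().lstrip("/")
        if not pattern or pattern.startswith("#"):
            continue
        if fnmatch.fnmatch(path, pattern) or fnmatch.fnmatch(base, pattern):
            return True
    return False


# Constructed source lines, as a reviewer might see them in a diff.
SAMPLE_SOURCE = [
    'DB_HOST = "db.internal"',
    'DB_PASSWORD = "hunter2-prod"',       # hardcoded credential
    'AWS_KEY = "AKIAIOSFODNN7EXAMPLE"',   # AWS's documented example key id
    'api_key = os.environ["API_KEY"]',    # fine: read from the environment
]

SAMPLE_GITIGNORE = ".env\n*.pem\n# local credentials\ncredentials.json\n"

if __name__ == "__main__":
    for line_no, label in scan_source(SAMPLE_SOURCE):
        print(f"line {line_no}: {label}: {SAMPLE_SOURCE[line_no - 1]}")
    print(load_secret("API_KEY", {"API_KEY": "from-vault"}))
    for p in (".env", "deploy/server.pem", "config.yaml"):
        print(p, "ignored" if gitignore_covers(SAMPLE_GITIGNORE, p) else "TRACKED")
```

The scanner is a review aid with false positives by design; the load function is the part that actually changes behaviour, because a missing secret becomes a startup failure instead of a silently used placeholder.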

See @owasp-quick-ref.md for detailed vulnerability patterns.