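Core security principles applicable to any technology stack. Use when: implementing authentication/authorization, handling sensitive data, validating input, or performing a security review. Trigger phrases: security review, auth, password, input validation, XSS, SQL injection, CSRF, OWASP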
How this skill is triggered — by the user, by Claude, or both
Slash command
/spec-workflow-toolkit:security-fundamentals
sonnet
This skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
For detailed steps, see `INSTRUCTIONS.md` in the same directory.
npx claudepluginhub mysmon/spec-workflow-toolkit
Conducts security reviews using checklists and patterns for authentication, user input, secrets, API endpoints, SQL injection, XSS/CSRF, and rate limiting.
Guides application security reviews and implementation covering OWASP Top 10, input validation, auth, secrets management, and antipatterns.
Enforces security-conscious coding: trust boundary identification, input validation, injection prevention, secrets management, and defense-in-depth authorization. Activates when handling user input, auth, DB queries, external APIs, file ops, or on security review requests.