Frontend Security Coder
Secure Your Frontend Code
Frontend applications are vulnerable to XSS, CSRF, and other attacks. This skill generates secure code patterns and identifies vulnerabilities in your web applications to protect against common attack vectors.
Baixar o ZIP da skill
Upload no Claude
Vá em Configurações → Capacidades → Skills → Upload skill
Ative e comece a usar
Testar
A utilizar "Frontend Security Coder". Generate a XSS-safe input component in React that sanitizes user input
Resultado esperado:
A React component with proper input sanitization using DOMPurify, output encoding, and security-focused prop validation.
A utilizar "Frontend Security Coder". Write CSRF protection code for a JavaScript application
Resultado esperado:
JavaScript module with fetch wrapper that automatically attaches CSRF tokens, validates responses, and handles token refresh.
A utilizar "Frontend Security Coder". Create a secure authentication pattern for a SPA
Resultado esperado:
Complete authentication module using httpOnly cookies, refresh tokens with secure storage, and automatic session management.
Auditoria de Segurança
SeguroThis is a prompt-only skill that generates frontend security content. No executable code was detected. The skill provides security guidance through natural language prompts without any system-level access, network calls, or file operations. Risk score is 0/100.
Pontuação de qualidade
O Que Você Pode Construir
Secure Component Development
Generate security-aware React, Vue, or Angular components with built-in XSS protection and input validation
Security Code Review
Get detailed security analysis of frontend code snippets with specific vulnerability identification and remediation guidance
Security Best Practices Learning
Learn secure coding patterns and practices for frontend development through generated examples and explanations
Tente Estes Prompts
Generate a XSS-safe input component in [FRAMEWORK] that sanitizes user input and prevents script injection attacks. Include proper escaping functions.
Write a CSRF token management module for a frontend application. Include token retrieval, validation on requests, and automatic token refresh logic.
Generate a secure authentication flow pattern for a single-page application. Include token storage best practices, refresh token handling, and session timeout logic.
Create a comprehensive Content Security Policy configuration for a modern web application. Include directives for scripts, styles, images, and API calls.
Melhores Práticas
- Always validate and sanitize user input on both client and server sides, even if client-side validation is present
- Use modern security libraries like DOMPurify for HTML sanitization rather than writing custom escaping functions
- Implement Content Security Policy headers to provide an additional layer of defense against XSS attacks
Evitar
- Using innerHTML with user-provided data without sanitization - this creates direct XSS vulnerabilities
- Storing sensitive tokens in localStorage instead of httpOnly cookies - tokens are accessible to JavaScript
- Disabling CSRF protection for API endpoints because it adds complexity - this exposes the application to cross-site request forgery
Perguntas Frequentes
Does this skill scan my existing codebase for vulnerabilities?
Can this skill replace a security audit?
What frameworks does this skill support?
Does the generated code work with both frontend and backend?
How do I use this with Claude Code or Codex?
Are the security recommendations up to date?
Detalhes do Desenvolvedor
Autor
sickn33Licença
MIT
Repositório
https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/frontend-security-coderReferência
main
Estrutura de arquivos
📄 SKILL.md