Data
PromptBeginner5 minmarkdown
- **Dynamic query construction**: String concatenation used to build SQL
LDAP
0
Explore
Find agent skills by outcome
82,429 skills indexed with the new KISS metadata standard.
Showing 24 of 82,429Categories: Cursor-rules, Data, Coding & Debugging, General, Education
Data
PromptBeginner5 minmarkdown
- **Verbose error responses**: Stack traces
SQL queries
0
Coding & Debugging
PromptBeginner5 minmarkdown
- **Hardcoded secrets**: API keys
passwords
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Validate that SECRET_KEY comes from environment variables
not source code
0
Data
PromptBeginner5 minmarkdown
- Verify raw SQL queries use parameterized statements
not f-strings
0
General
PromptBeginner5 minmarkdown
- Check for eval()
Function()
0
General
PromptBeginner5 minmarkdown
- Assess the blast radius of each vulnerability (single user
all users
0
General
PromptBeginner5 minmarkdown
- Evaluate whether changes affect authentication
authorization
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Check for base64-encoded secrets
environment variable values
0
General
PromptBeginner5 minmarkdown
- Evaluate the combined effect of multiple changes
not just individual lines
0
Coding & Debugging
PromptBeginner5 minmarkdown
- [ ] Remediation instructions include specific code snippets
not vague advice
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Include concrete code fixes with exact syntax
not abstract recommendations
0
General
PromptBeginner5 minmarkdown
- [ ] All five risk categories (injection
access
0
General
PromptBeginner5 minmarkdown
- [ ] Each finding includes severity
location
0
General
PromptBeginner5 minmarkdown
After completing the security audit of a diff
verify:
0
General
PromptBeginner5 minmarkdown
- Logs do not contain PII
credentials
0
General
PromptBeginner5 minmarkdown
- CORS policy restricts origins to known
trusted domains
0
General
PromptBeginner5 minmarkdown
- Token validation checks expiration
signature
0
General
PromptBeginner5 minmarkdown
- Password handling uses strong hashing (bcrypt
scrypt
0
General
PromptBeginner5 minmarkdown
- File uploads have type
size
0
General
PromptBeginner5 minmarkdown
- Session tokens use secure flags (HttpOnly
Secure
0
General
PromptBeginner5 minmarkdown
- Query construction uses parameterized queries
not string concatenation
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Output encoding is context-aware (HTML
JavaScript
0
General
PromptBeginner5 minmarkdown
- Weak or deprecated encryption algorithms (MD5
SHA1
0