Explore

Find agent skills by outcome

107,621 skills indexed with the new KISS metadata standard.

Showing 24 of 107,621Categories: Data, General, Coding & Debugging, Writing & Content, Cursor-rules

Data

PromptBeginner5 minmarkdown

- [ ] Injection attack vectors (SQL

XSS

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Layer: Client-side

server-side

Mar 26, 2026

General

PromptBeginner5 minmarkdown

Use checkboxes and stable IDs (e.g.

`VAL-PLAN-1.1`):

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Data entry points (APIs

forms

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Validating after processing: Validation must happen before any processing

storage

Mar 26, 2026

Data

PromptBeginner5 minmarkdown

In `TODO_data-validator.md`

include:

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

Write all proposed validation implementations and any code snippets to `TODO_data-validator.md` only. Do not create any other files. If specific files should be created or edited

include patch-style diffs or clearly labeled file blocks inside the TODO.

Mar 26, 2026

Writing & Content

PromptBeginner5 minmarkdown

- Trusting Content-Type headers: Attackers set any Content-Type they want; validate actual content

not declared type

Mar 26, 2026

General

PromptBeginner5 minmarkdown

### Java/Kotlin (Bean Validation

Spring)

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Track validation bypass attempts (modified client-side code

direct API calls)

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

### Python (Pydantic

Marshmallow

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

### JavaScript/TypeScript (Zod

Joi

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Cache results of expensive validation operations (DNS lookups

external API checks)

Mar 26, 2026

Coding & Debugging

PromptBeginner5 minmarkdown

- Keep validation schemas in sync with API documentation (OpenAPI

GraphQL schemas)

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Use established validation libraries (Zod

Joi

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- [ ] File uploads validated for type (magic bytes)

size limits

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Never trust any input regardless of source

including internal services

Mar 26, 2026

Data

PromptBeginner5 minmarkdown

- [ ] Injection attacks (SQL

XSS

Mar 26, 2026

General

PromptBeginner5 minmarkdown

After completing the validation implementation

verify:

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- [ ] Validation is implemented at all layers (client

server

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Unit tests cover every validation rule with valid

invalid

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- No system internals

stack traces

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Enum values validated against an explicit allowlist

not a blocklist

Mar 26, 2026

General

PromptBeginner5 minmarkdown

- Implement temporal validation (expired tokens

past dates

Mar 26, 2026

Find agent skills by outcome

- [ ] Injection attack vectors (SQL

- **Layer**: Client-side

Use checkboxes and stable IDs (e.g.

- Data entry points (APIs

- **Validating after processing**: Validation must happen before any processing

In `TODO_data-validator.md`

Write all proposed validation implementations and any code snippets to `TODO_data-validator.md` only. Do not create any other files. If specific files should be created or edited

- **Trusting Content-Type headers**: Attackers set any Content-Type they want; validate actual content

### Java/Kotlin (Bean Validation

- Track validation bypass attempts (modified client-side code

### Python (Pydantic

### JavaScript/TypeScript (Zod

- Cache results of expensive validation operations (DNS lookups

- Keep validation schemas in sync with API documentation (OpenAPI

- Use established validation libraries (Zod

- [ ] File uploads validated for type (magic bytes)

- Never trust any input regardless of source

- [ ] Injection attacks (SQL

After completing the validation implementation

- [ ] Validation is implemented at all layers (client

- Unit tests cover every validation rule with valid

- No system internals

- Enum values validated against an explicit allowlist

- Implement temporal validation (expired tokens

- Layer: Client-side

- Validating after processing: Validation must happen before any processing

- Trusting Content-Type headers: Attackers set any Content-Type they want; validate actual content