General
PromptBeginner5 minmarkdown
- Validate and restrict CORS origins to known
trusted domains only.
0
Explore
Find agent skills by outcome
80,990 skills indexed with the new KISS metadata standard.
Showing 24 of 80,990Categories: General, Openclaw, Data, Cursor-rules, Coding & Debugging
General
PromptBeginner5 minmarkdown
- Verify HTTPS enforcement
HSTS
0
General
PromptBeginner5 minmarkdown
- Use `bcrypt` or `argon2-cffi` for password hashing
never `hashlib` directly.
0
General
PromptBeginner5 minmarkdown
- Avoid `eval()`
`Function()`
0
General
PromptBeginner5 minmarkdown
- Validate and sanitize input with libraries like `joi`
`zod`
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Configure `SECRET_KEY` via environment variables
never hardcoded in settings.
0
General
PromptBeginner5 minmarkdown
- Evaluate transitive dependencies
not just direct imports.
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Apply context-aware output encoding for HTML
JavaScript
0
General
PromptBeginner5 minmarkdown
- Run `npm audit`
`yarn audit`
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Provide actionable remediation with specific code fixes
not vague recommendations.
0
Coding & Debugging
PromptBeginner5 minmarkdown
- [ ] No secrets
API keys
0
General
PromptBeginner5 minmarkdown
- [ ] Encryption standards meet minimum requirements (AES-256
TLS 1.2+).
0
General
PromptBeginner5 minmarkdown
After completing an audit
verify:
0
Data
PromptBeginner5 minmarkdown
- Missing data masking in logs
error messages
0
General
PromptBeginner5 minmarkdown
- Review network segmentation
HTTPS enforcement
0
General
PromptBeginner5 minmarkdown
- Cross-site scripting (XSS) in reflected
stored
0
General
PromptBeginner5 minmarkdown
- Weak password hashing algorithms (MD5
SHA1 are never acceptable).
0
General
PromptBeginner5 minmarkdown
- Check security headers (CSP
X-Frame-Options
0
Data
PromptBeginner5 minmarkdown
- Validate that sensitive data never appears in logs
error messages
0
Data
PromptBeginner5 minmarkdown
- Assess PII handling for data minimization
retention policies
0
General
PromptBeginner5 minmarkdown
- Evaluate password policies for complexity requirements and hashing (bcrypt
scrypt
0
Coding & Debugging
PromptBeginner5 minmarkdown
- Verify credential storage never includes plaintext secrets
API keys
0
General
PromptBeginner5 minmarkdown
- Review JWT implementation for weak signing algorithms
missing expiration
0
General
PromptBeginner5 minmarkdown
- Check for parameterized queries
context-aware encoding
0