Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist and patterns. metadata: origin: ECC
# Security Review Skill This skill ensures all code follows security best practices and identifies potential vulnerabilities. ## When to Activate - Implementing authentication or authorization - Handling user input or file uploads - Creating new API endpoints - Working with secrets or credentials - Implementing payment features - Storing or transmitting sensitive data - Integrating third-party APIs ## Security Checklist ### 1. Secrets Management #### FAIL: NEVER Do This ```typescript const apiKey = "sk-proj-xxxxx" // Hardcoded secret const dbPassword = "password123" // In source code ``` #### PASS: ALWAYS Do This
Sign in to view the full prompt.
Sign In