a-organvm/security-implementation-guide
distributions/codex/skills/security-implementation-guide/SKILL.md
Comprehensive security patterns for authentication, authorization, input validation, and common vulnerability prevention
$ install --global
skillsauthnpx skillsauth add a-organvm/a-i--skills security-implementation-guideInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 2:32 AM85.7s3 files scanned
SKILL.md
- name:
- security-implementation-guide
- description:
- Comprehensive security patterns for authentication, authorization, input validation, and common vulnerability prevention
- license:
- MIT
- adapted-by:
- ai-skills
- category:
- security
- governance_phases:
- [build]
- governance_norm_group:
- security-baseline
- organ_affinity:
- [all]
- triggers:
- [user-asks-about-security-patterns, user-asks-about-auth, context:authentication]
- complements:
- [security-threat-modeler, gdpr-compliance-check, incident-response-commander]
Security Implementation Guide
Production-ready security patterns for web applications.
Input Validation
Sanitization
import DOMPurify from 'isomorphic-dompurify';
function sanitizeHTML(dirty: string): string {
return DOMPurify.sanitize(dirty, {
ALLOWED_TAGS: ['b', 'i', 'em', 'strong', 'p'],
ALLOWED_ATTR: []
});
}
// SQL injection prevention - use parameterized queries
const result = await db.query(
'SELECT * FROM users WHERE email = $1',
[email] // Never interpolate directly!
);
XSS Prevention
// React automatically escapes
<div>{userInput}</div> // Safe
// Dangerous - avoid dangerouslySetInnerHTML
<div dangerouslySetInnerHTML={{ __html: sanitizeHTML(userInput) }} />
// Set security headers
app.use(helmet({
contentSecurityPolicy: {
directives: {
defaultSrc: ["'self'"],
scriptSrc: ["'self'", "'unsafe-inline'"],
styleSrc: ["'self'", "'unsafe-inline'"],
}
}
}));
Authentication
Password Hashing
import bcrypt from 'bcrypt'; // allow-secret
async function hashPassword(password: string): Promise<string> { // allow-secret
const saltRounds = 12;
return bcrypt.hash(password, saltRounds); // allow-secret
}
async function verifyPassword(password: string, hash: string): Promise<boolean> { // allow-secret
return bcrypt.compare(password, hash); // allow-secret
}
Rate Limiting
import rateLimit from 'express-rate-limit';
const loginLimiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 5, // 5 attempts
message: 'Too many login attempts',
standardHeaders: true,
legacyHeaders: false,
});
app.post('/api/login', loginLimiter, loginHandler);
CSRF Protection
import csrf from 'csurf';
const csrfProtection = csrf({ cookie: true });
app.get('/form', csrfProtection, (req, res) => {
res.render('form', { csrfToken: req.csrfToken() });
});
app.post('/process', csrfProtection, (req, res) => {
// Protected endpoint
});
Integration Points
Complements:
- security-threat-modeler: For threat analysis
- backend-implementation-patterns: For secure APIs
- verification-loop: For security checks
Related Skills
a-organvm/generative-art-algorithms
development
VerifiedTrustedCommunity
Create algorithmic and generative art using mathematical patterns, noise functions, particle systems, and procedural generation. Covers flow fields, L-systems, fractals, and creative coding foundations. Triggers on generative art, algorithmic art, creative coding, procedural generation, or mathematical visualization requests.
7SKILL.mdUpdated May 31, 2026
a-organvm/gdpr-compliance-check
development
VerifiedTrustedCommunity
Audits web applications and architectures for compliance with GDPR, CCPA, and other privacy regulations, focusing on consent, data minimization, and user rights.
7SKILL.mdUpdated May 31, 2026
a-organvm/gcp-resource-optimizer
development
VerifiedTrustedCommunity
Optimize Google Cloud Platform resource allocation and manage cloud credits efficiently. Use when planning GCP deployments, analyzing cloud spend, maximizing value from expiring credits, right-sizing instances, or designing cost-effective architectures. Triggers on GCP cost optimization, credit management, resource allocation planning, or cloud budget concerns.
7SKILL.mdUpdated May 31, 2026
a-organvm/game-mechanics-designer
testing
VerifiedTrustedCommunity
Designs engaging gameplay loops, economies, and progression systems, balancing challenge and reward for interactive experiences.
7SKILL.mdUpdated May 31, 2026