aiming-lab/input-validation-and-sanitization
memory_data/skills/input-validation-and-sanitization/SKILL.md
Use this skill when implementing any endpoint, form handler, CLI tool, or function that accepts external input. Validate and sanitize all untrusted data before processing — never assume input is safe.
$ install --global
skillsauthnpx skillsauth add aiming-lab/metaclaw input-validation-and-sanitizationInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 28, 2026, 2:53 PM37.9s1 file scanned
SKILL.md
- name:
- input-validation-and-sanitization
- description:
- Use this skill when implementing any endpoint, form handler, CLI tool, or function that accepts external input. Validate and sanitize all untrusted data before processing — never assume input is safe.
- category:
- security
Input Validation and Sanitization
Validation principles:
- Validate at the system boundary (API layer, form handler) — not deep in business logic.
- Validate type, range, length, and format explicitly.
- Reject unexpected input by default (allowlist > denylist).
SQL injection prevention: Always use parameterized queries or an ORM.
XSS prevention: Escape HTML output; use Content-Security-Policy headers; avoid innerHTML with user data.
Path traversal prevention: Resolve paths to canonical form and verify they are under the expected directory.
import os
base = '/allowed/dir'
canonical = os.path.realpath(os.path.join(base, user_input))
assert canonical.startswith(base + os.sep)
Related Skills
aiming-lab/visualization-selection
development
VerifiedTrustedCommunity
Use this skill when creating charts, plots, or dashboards. Choose the visualization type that best communicates the data relationship before writing any plotting code.
2,755SKILL.mdUpdated Mar 27, 2026
aiming-lab/verify-before-irreversible-action
testing
VerifiedTrustedCommunity
Use this skill before taking any action that is hard to reverse — deleting files, overwriting data, sending messages, pushing to remote, modifying production systems. Always pause, state what you are about to do, and confirm before executing.
2,755SKILL.mdUpdated Mar 27, 2026
aiming-lab/uncertainty-acknowledgment
research
VerifiedTrustedCommunity
Use this skill when you are not sure about a fact, have outdated knowledge, or the question is contested. Explicitly communicate the level of confidence instead of asserting uncertain things as fact.
2,755SKILL.mdUpdated Mar 27, 2026
aiming-lab/tool-selection-strategy
tools
VerifiedTrustedCommunity
Use this skill when deciding which tools to call in an agentic workflow. Always choose the minimal, most direct tool for each step and avoid redundant or speculative tool calls.
2,755SKILL.mdUpdated Mar 27, 2026