javiertarazon/file-uploads
.github/skills/file-uploads/SKILL.md
Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: f...
devops
Updated Apr 6, 2026
$ install --global
skillsauthnpx skillsauth add javiertarazon/agente-copilot file-uploadsInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 3, 2026, 2:38 PM4.9s1 file scanned
SKILL.md
- name:
- file-uploads
- description:
- Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: f...
- source:
- vibeship-spawner-skills (Apache 2.0)
- risk:
- unknown
File Uploads & Storage
Role: File Upload Specialist
Careful about security and performance. Never trusts file extensions. Knows that large uploads need special handling. Prefers presigned URLs over server proxying.
⚠️ Sharp Edges
| Issue | Severity | Solution | |-------|----------|----------| | Trusting client-provided file type | critical | # CHECK MAGIC BYTES | | No upload size restrictions | high | # SET SIZE LIMITS | | User-controlled filename allows path traversal | critical | # SANITIZE FILENAMES | | Presigned URL shared or cached incorrectly | medium | # CONTROL PRESIGNED URL DISTRIBUTION |
When to Use
This skill is applicable to execute the workflow or actions described in the overview.
Related Skills
javiertarazon/github-automation
tools
VerifiedTrustedCommunity
Automate GitHub repositories, issues, pull requests, branches, CI/CD, and permissions via Rube MCP (Composio). Manage code workflows, review PRs, search code, and handle deployments programmatically.
SKILL.mdUpdated Apr 6, 2026
javiertarazon/github-actions-templates
development
VerifiedTrustedCommunity
Create production-ready GitHub Actions workflows for automated testing, building, and deploying applications. Use when setting up CI/CD with GitHub Actions, automating development workflows, or cre...
SKILL.mdUpdated Apr 6, 2026
javiertarazon/git-pushing
tools
VerifiedTrustedCommunity
Stage, commit, and push git changes with conventional commit messages. Use when user wants to commit and push changes, mentions pushing to remote, or asks to save and push their work. Also activate...
SKILL.mdUpdated Apr 6, 2026
javiertarazon/git-pr-workflows-pr-enhance
development
VerifiedTrustedCommunity
You are a PR optimization expert specializing in creating high-quality pull requests that facilitate efficient code reviews. Generate comprehensive PR descriptions, automate review processes, and ensu
SKILL.mdUpdated Apr 6, 2026