Claude Code Plugins

Community-maintained marketplace

Feedback

security-practices

@eser/rules
33
0

Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name security-practices
description Security practices including secrets management, input validation, SSRF prevention, and production hardening. Use for security-sensitive code.

security-practices

Quick Start

  1. All secrets in environment variables (never in config files)
  2. Validate inputs at system boundaries
  3. Sanitize error responses (no stack traces in production)
  4. Use HTTPS for all external connections

Key Principles

  • Environment variables for all secrets
  • SSRF prevention (block internal IP ranges)
  • Development vs Production mode separation
  • Rigorous input validation

References

See rules.md for complete conventions.