auto-security
Official
Enforce ironclad security patterns in automation.
Software Engineering #security #authentication #session-management #input-validation #hashing #cookie-security
Author: Corvalis-LLC
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Inconsistent security practices across authentication, sessions, cookies, and file uploads are a common risk in automation pipelines. This Skill codifies core security patterns to ensure consistent, safer defaults and to reduce security debt when building with Claude or Codex.
Core Features & Use Cases
- Enforces hashing of session tokens before storage and safe handling of tokens in cookies.
- Hides detailed authentication errors to avoid information leakage to attackers.
- Implements timing-safe flows to prevent user enumeration on login.
- Prevents session fixation by destroying old sessions on login and revoking other sessions on password changes.
- Enforces strict cookie attributes (httpOnly, secure, sameSite: 'strict') to reduce CSRF risk.
- Recommends stronger password hashing (bcrypt >= 12 or Argon2id) and multi-layer validation for file uploads.
- Provides a guardrail for dangerous patterns and a remediation checklist for secure design.
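The session-token, session-fixation and cookie-attribute items above, sketched as an added example (not code from the Skill or from Corvalis-LLC). The names `SessionStore`, `hashToken`, `sessionCookie` and the cookie name `sid` are assumptions, and an in-memory `Map` stands in for the real session table.

```javascript
// Added example: all names here are illustrative assumptions, not the Skill's API.
const crypto = require('node:crypto');

// Only the SHA-256 digest of a token is stored; a leaked store yields no usable tokens.
const hashToken = (token) => crypto.createHash('sha256').update(token).digest('hex');

class SessionStore {
  constructor() {
    this.sessions = new Map(); // tokenHash -> { userId, expiresAt }
  }

  // Login: destroy any pre-login session (fixation defence), then issue a fresh token.
  login(userId, oldToken, ttlMs = 30 * 60 * 1000) {
    if (oldToken) this.sessions.delete(hashToken(oldToken));
    const token = crypto.randomBytes(32).toString('base64url');
    this.sessions.set(hashToken(token), { userId, expiresAt: Date.now() + ttlMs });
    return token; // the raw token goes only into the client's cookie
  }

  // Look up by hash; expired sessions are removed and rejected.
  validate(token) {
    if (typeof token !== 'string' || token.length === 0) return null;
    const key = hashToken(token);
    const s = this.sessions.get(key);
    if (!s) return null;
    if (s.expiresAt <= Date.now()) { this.sessions.delete(key); return null; }
    return s.userId;
  }

  // Password change: revoke every other session of the user, keep the current one.
  revokeOthers(userId, currentToken) {
    const keep = hashToken(currentToken);
    let revoked = 0;
    for (const [key, s] of this.sessions) {
      if (s.userId === userId && key !== keep) { this.sessions.delete(key); revoked++; }
    }
    return revoked;
  }
}

// Set-Cookie value carrying the strict attributes listed above.
function sessionCookie(token, maxAgeSec = 1800) {
  return `sid=${token}; Max-Age=${maxAgeSec}; Path=/; HttpOnly; Secure; SameSite=Strict`;
}
```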
Quick Start
Enable the auto-security checks on auth and session flows and run the security review against your latest code changes.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: auto-security Download link: https://github.com/Corvalis-LLC/Crow-Stack/archive/main.zip#auto-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.