file-upload-security
OfficialSecure user file uploads to prevent code execution and XSS.
AuthorGoldenWing-360
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses the critical need to securely handle user-file uploads, preventing remote code execution, stored XSS, and polyglot attacks that can compromise web applications.
Core Features & Use Cases
- Boundary validation: Implements size limits and content verification to filter malicious files.
- Content defanging: Re-encodes images, strips EXIF, and sanitizes documents to neutralize embedded payloads.
- Use Case: A developer adds a file upload endpoint to a web app or migrates storage from local disks to cloud object storage, ensuring security and integrity in the process.
Quick Start
Configure server-side size limits, validate file types based on magic bytes, generate server-controlled storage keys, re-encode images, and serve files from a separate, security-hardened domain with strict headers and signed URLs.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferencesassets
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: file-upload-security Download link: https://github.com/GoldenWing-360/claude-security-skills/archive/main.zip#file-upload-security Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.