OpenSkillIndex← back to search
claude-code

Claude-skill-registry fullstack-security

Security and performance - hardening, optimization, auditing

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/fullstack-security" ~/.claude/skills/majiayu000-claude-skill-registry-fullstack-security && rm -rf "$T"
manifest: skills/data/fullstack-security/SKILL.md
source content

Fullstack Security Skill

Atomic skill for security auditing and performance optimization.

Responsibility

Single Purpose: Audit security, optimize performance, and ensure compliance

Actions

audit_security

Perform security audit against specified standards.

// Input
{
  action: "audit_security",
  audit_type: "owasp",
  target: "backend"
}

// Output
{
  success: true,
  vulnerabilities: [
    {
      severity: "high",
      category: "A03:Injection",
      title: "SQL Injection Risk",
      location: "src/routes/users.ts:45",
      remediation: "Use parameterized queries"
    }
  ],
  compliance_status: { owasp_score: 75, passing: 8, failing: 2 },
  recommendations: ["Add input validation", "Implement CSP headers"]
}


optimize_performance

Analyze and optimize application performance.

configure_caching

Set up caching strategies.

harden_infrastructure

Apply security hardening to infrastructure.

Validation Rules

function validateParams(params: SkillParams): ValidationResult {
  if (!params.action) {
    return { valid: false, error: "action is required" };
  }

  if (params.action === 'audit_security' && !params.target) {
    return { valid: false, error: "target required for security audit" };
  }

  return { valid: true };
}

Error Handling

Error CodeDescriptionRecovery
CRITICAL_VULNERABILITYCritical security issue foundBlock deployment, immediate fix
PERFORMANCE_REGRESSIONPerformance degradedRollback or optimize
COMPLIANCE_VIOLATIONCompliance requirement not metDocument and remediate
SCAN_FAILEDSecurity scanner failedUse alternative tool

Logging Hooks

{
  "on_invoke": "log.info('fullstack-security invoked', { action, target })",
  "on_vulnerability": "log.warn('Vulnerability found', { severity, category })",
  "on_success": "log.info('Security check completed', { score, recommendations })",
  "on_error": "log.error('Security skill failed', { error })"
}

Unit Test Template

import { describe, it, expect } from 'vitest';
import { fullstackSecurity } from './fullstack-security';

describe('fullstack-security skill', () => {
  describe('audit_security', () => {
    it('should detect OWASP Top 10 vulnerabilities', async () => {
      const result = await fullstackSecurity({
        action: 'audit_security',
        audit_type: 'owasp',
        target: 'backend'
      });

      expect(result.success).toBe(true);
      expect(result.compliance_status.owasp_score).toBeDefined();
    });

    it('should provide remediation steps', async () => {
      const result = await fullstackSecurity({
        action: 'audit_security',
        target: 'backend'
      });

      result.vulnerabilities.forEach(v => {
        expect(v.remediation).toBeDefined();
      });
    });
  });

  describe('optimize_performance', () => {
    it('should analyze Core Web Vitals', async () => {
      const result = await fullstackSecurity({
        action: 'optimize_performance',
        target: 'frontend'
      });

      expect(result.success).toBe(true);
      expect(result.performance_report.lcp).toBeDefined();
    });
  });
});

Security Checklist

const securityChecklist = {
  authentication: [
    "Strong password policy enforced",
    "MFA available and encouraged",
    "Session timeout configured",
    "Token rotation implemented"
  ],
  authorization: [
    "Role-based access control",
    "Principle of least privilege",
    "Resource-level permissions",
    "Access logging enabled"
  ],
  data_protection: [
    "Encryption at rest",
    "Encryption in transit (TLS 1.3)",
    "PII handling compliant",
    "Backup encryption enabled"
  ]
};

Integration

  • Bonded Agent: 07-security-performance
  • Upstream Skills: All development and DevOps skills
  • Downstream Skills: None (final checkpoint)

Version History

VersionDateChanges
1.0.02024-01Initial release
2.0.02025-01Production-grade upgrade with OWASP 2024