Summary
This brings Spatie's battle-tested security checklist into your workflow when you're configuring apps, reviewing code, or hardening servers. It covers the fundamentals that are easy to forget under deadline pressure: CSRF tokens in forms, SSL everywhere, proper HTTP verbs for destructive actions, hashed passwords, encrypted API keys, SSH key-only authentication, and firewall rules that actually lock things down. The guidance is opinionated in a good way, like insisting on separate database users per database and managing servers through Ansible for quick access revocation. It won't teach you security from scratch, but it's a solid reference for teams who want to align on practical standards without writing their own security policy doc.
Install to Claude Code
npx -y skills add spatie/guidelines-skills --skill spatie-security --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
