This is your production Django security checklist in one place. It covers the settings you need to lock down before deployment (HSTS, secure cookies, ALLOWED_HOSTS), authentication patterns like custom user models and Argon2 password hashing, and authorization with permission mixins and RBAC. The SQL injection section shows safe ORM usage versus dangerous raw queries, and the XSS part walks through template escaping and the escapejs filter. Use this when you're hardening a Django app for production, setting up auth, or doing a security review. It's comprehensive without being theoretical, just the code you actually need to write.
npx -y skills add affaan-m/ecc --skill django-security --agent claude-codeInstalls into .claude/skills of the current project.
Select a file.
giuseppe-trisciuoglio/developer-kit