This is your Spring Security checklist in skill form. It covers JWT and OAuth2 authentication, method-level authorization with @PreAuthorize, Bean Validation for inputs, CSRF and CORS config, secrets management, rate limiting with Bucket4j, and dependency scanning. The code samples are production-ready, not toys: proper filter chains, parameterized queries to stop SQL injection, BCrypt password encoding, security headers. Activate it when you're adding auth to an endpoint, handling user input, or reviewing a PR before release. The pre-deploy checklist alone is worth having around. If you're building Spring Boot APIs and don't want to reinvent security patterns, this gives you the guardrails.
npx -y skills add affaan-m/ecc --skill springboot-security --agent claude-codeInstalls into .claude/skills of the current project.
Select a file.
giuseppe-trisciuoglio/developer-kit