This is a solid foundation for locking down REST APIs with all the essentials in one place: authentication with JWT, rate limiting, helmet for security headers, input sanitization against XSS and NoSQL injection, and proper CORS configuration. You get reference implementations for Node.js/Express, Python FastAPI, and API gateway setups. Use this when you're hardening an existing API before going to production or building a new one that needs to pass a security audit from day one. The quick start example pulls together the usual suspects (helmet, express-rate-limit, xss-clean) so you don't have to remember which npm packages to combine. It won't write your security policy for you, but it handles the technical implementation of common defenses.
npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill api-security-hardening