A structured security checklist that runs through authentication, authorization, input validation, output safety, and logging before you ship API changes. You'd pull this in during code reviews, before merging PRs that touch API routes, or when spinning up new endpoints from scratch. It's one of those things that enforces the boring but critical stuff you know you should check but sometimes skip when you're moving fast. With 257 installs and clean audit passes from Gen Agent Trust Hub, Socket, and Snyk, it's clearly filling a gap for teams that want a consistent security gate without building their own checklist from scratch.
npx skills add https://github.com/bobmatnyc/claude-mpm-skills --skill api-security-review