Summary
This is a solid reference checklist for Java security audits that covers the OWASP Top 10 with practical code examples across Spring, Quarkus, Jakarta EE, and plain Java. It shows you the right way to do parameterized queries, input validation with Bean Validation annotations, XSS prevention with output encoding, and proper password hashing. The side-by-side good/bad examples make it easy to spot vulnerabilities during code review. Use this before production releases or when someone asks about security issues. The cross-framework approach is helpful since the validation and JDBC patterns work everywhere, though some features like CSRF configuration are framework specific.
Install to Claude Code
npx -y skills add decebals/claude-code-java --skill security-audit --agent claude-codeInstalls into .claude/skills of the current project.
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Files
SKILL.md
Select a file.
Featured
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
