Summary
This does language and framework specific security reviews for Python, JavaScript/TypeScript, and Go projects. It operates in three modes: writing secure code from scratch, passively flagging critical vulnerabilities as you work, or generating a full security report with prioritized findings and line numbers. The workflow identifies your stack, loads relevant best practices from its reference files, and either guides you toward secure defaults or produces a detailed markdown report. When fixing issues, it tackles one finding at a time with clear comments and tries hard not to break your existing functionality. The skill respects project specific overrides if you need to bypass certain practices. Useful when starting greenfield projects or finally addressing that security debt you've been putting off.
Install to Claude Code
npx -y skills add openai/skills --skill security-best-practices --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →
