This skill runs systematic security audits on frontend codebases using grep searches for dangerous patterns such as dangerouslySetInnerHTML, innerHTML assignments, eval calls, and unescaped Twig output. It covers XSS, CSRF, and DOM manipulation vulnerabilities, and checks your CSP configuration across React, Astro, vanilla JS, and Node.js projects. The skill follows OWASP guidelines and outputs findings in a severity-ranked report with remediation steps. Worth running before any security review or deployment. The grep patterns are comprehensive enough to catch most common frontend vulnerabilities, though you'll still need to manually verify each finding, since static analysis can't understand full context.
npx skills add https://github.com/schalkneethling/webdev-agent-skills --skill frontend-security
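
The kind of pattern search described above, as an added example that is not the skill's own code: a small scanner over constructed sample files that produces severity-ranked findings with a remediation hint. The regexes, severity levels, hints, and file names are assumptions made for illustration.

```python
import re

# Rules and severities are assumptions made for this example, not the skill's own list.
RULES = [  # (severity, rule name, pattern, remediation hint)
    ("high", "eval call", re.compile(r"(?<![\w$])eval\s*\("),
     "Remove eval; parse data with JSON.parse or map input to known functions."),
    ("high", "dangerouslySetInnerHTML", re.compile(r"\bdangerouslySetInnerHTML\b"),
     "Render as text, or sanitize the HTML before passing it in."),
    ("high", "innerHTML assignment", re.compile(r"\.innerHTML\s*\+?=(?!=)"),
     "Use textContent, or sanitize before assigning."),
    ("medium", "unescaped Twig output", re.compile(r"\{\{[^}]*\|\s*raw\b[^}]*\}\}"),
     "Drop the raw filter so Twig autoescaping applies."),
]
ORDER = {"high": 0, "medium": 1}

# Constructed sample files (path -> source text), not taken from any real project.
SAMPLE = {
    "src/Comment.jsx": "export const Comment = ({ html }) => (\n"
                       "  <div dangerouslySetInnerHTML={{ __html: html }} />\n);\n",
    "src/list.js": "// never assign el.innerHTML = userInput here\n"
                   'list.innerHTML = "";\n'
                   'if (box.innerHTML === "") retrieval(q);\n'
                   'const v = eval(params.get("expr"));\n',
    "templates/post.twig": "<h1>{{ post.title }}</h1>\n<div>{{ post.body|raw }}</div>\n",
}

def scan(files):
    """Return findings for a {path: text} mapping, most severe first."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith("//"):  # skip JS line comments
                continue
            for severity, rule, pattern, fix in RULES:
                if pattern.search(line):
                    findings.append({"severity": severity, "rule": rule, "path": path,
                                     "line": lineno, "code": line.strip(), "fix": fix})
    return sorted(findings, key=lambda f: (ORDER[f["severity"]], f["path"], f["line"]))

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"[{f['severity'].upper()}] {f['path']}:{f['line']} {f['rule']}")
        print(f"    {f['code']}\n    fix: {f['fix']}")
```

The scanner skips the comparison `box.innerHTML === ""` and the identifier `retrieval(`, but it still reports `list.innerHTML = "";`, which assigns a constant: a finding that only manual review can dismiss.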