skillZs
LIVE SKILL TAGS
>>> LIVE SKILLS INDEX <<<
* OPEN SOURCE *
NO LOGIN, NO TRACKING
REAL INSTALL DATA
← back to all skills
aj-geddes/useful-ai-prompts767 installs

api-security-hardening

Secure REST APIs with authentication, rate limiting, CORS, input validation, and security middleware. Use when building or hardening API endpoints against common attacks.

How do I install this agent skill?

npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill api-security-hardening
view source ↗

Is this agent skill safe to install?

  • Gen Agent Trust Hubpass

    The skill provides educational templates and configuration guides for hardening REST APIs in Node.js, Python, and Nginx. No malicious patterns or security risks were identified.

  • Socketpass

    No alerts

  • Snykpass

    Risk: LOW · No issues

  • Runlayerwarn

    4/7 files flagged

  • ZeroLeakspass

    Score: 93/100 · 2 sections analyzed

What does this agent skill do?

API Security Hardening

Table of Contents

Overview

Implement comprehensive API security measures including authentication, authorization, rate limiting, input validation, and attack prevention to protect against common vulnerabilities.

When to Use

  • New API development
  • Security audit remediation
  • Production API hardening
  • Compliance requirements
  • High-traffic API protection
  • Public API exposure

Quick Start

Minimal working example:

// secure-api.js - Comprehensive API security
const express = require("express");
const helmet = require("helmet");
const rateLimit = require("express-rate-limit");
const mongoSanitize = require("express-mongo-sanitize");
const xss = require("xss-clean");
const hpp = require("hpp");
const cors = require("cors");
const jwt = require("jsonwebtoken");
const validator = require("validator");

class SecureAPIServer {
  constructor() {
    this.app = express();
    this.setupSecurityMiddleware();
    this.setupRoutes();
  }

  setupSecurityMiddleware() {
    // 1. Helmet - Set security headers
    this.app.use(
      helmet({
        contentSecurityPolicy: {
          directives: {
            defaultSrc: ["'self'"],
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

GuideContents
Node.js/Express API SecurityNode.js/Express API Security
Python FastAPI SecurityPython FastAPI Security
API Gateway Security ConfigurationAPI Gateway Security Configuration

Best Practices

✅ DO

  • Use HTTPS everywhere
  • Implement rate limiting
  • Validate all inputs
  • Use security headers
  • Log security events
  • Implement CORS properly
  • Use strong authentication
  • Version your APIs

❌ DON'T

  • Expose stack traces
  • Return detailed errors
  • Trust user input
  • Use HTTP for APIs
  • Skip input validation
  • Ignore rate limiting

Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.

<a href="https://skillzs.dev/skills/aj-geddes/useful-ai-prompts/api-security-hardening">View api-security-hardening on skillZs</a>