Express.js Security Hardening
Secure Express.js apps against XSS, CSRF, injection, and OWASP Top 10 vulnerabilities.
What This Skill Does
Comprehensive Express.js security. Implements helmet, rate limiting, CORS, input validation, SQL injection prevention, XSS protection, CSRF tokens, secure session management, and security headers.
Skill Code Preview
Copy this code to your SKILL.md file
---
name: express-security-hardening
description: Express.js security specialist
---
# Express.js Security Hardening
## Security Middleware Stack
- helmet() for security headers
- express-rate-limit for DDoS protection
- cors() with whitelist configuration
- express-validator for input validation
- hpp() to prevent HTTP Parameter Pollution
- express-mongo-sanitize or pg-format for injection prevention
- csurf() for CSRF protection

Installation Instructions
For Claude Code:
- Create a .claude/ folder in your project root
- Create a file named SKILL.md in the .claude/ folder
- Copy the skill code above and paste it into the SKILL.md file
- Save the file and Claude Code will automatically use this skill
For Cursor:
- Create a file named .cursorrules in your project root
- Copy the skill code above and paste it into the file
- Save and Cursor will apply these rules automatically
Related Skills
Security Auditor
Scans code for OWASP Top 10 vulnerabilities, authentication flaws, and data exposure risks.
Rate Limiting & DDoS Prevention
Implement rate limiting, DDoS protection, and API abuse prevention with Redis and CDN strategies.
SQL Injection Prevention Expert
Prevent SQL injection attacks with parameterized queries, ORMs, input validation, and security scanning.