Security
complete-security-validation-engine - Claude MCP Skill
Complete programmatic security validation engine with all threat detection capabilities, repository analysis, AI tool validation, and automated response generation
SEO Guide: Enhance your AI agent with the complete-security-validation-engine tool. This Model Context Protocol (MCP) server allows Claude Desktop and other LLMs to complete programmatic security validation engine with all threat detection capabilities, repository ... Download and configure this skill to unlock new capabilities for your AI workflow.
🌟1 stars • 0 forks
📥0 downloads
Documentation
SKILL.md# Complete Programmatic Security Validation Engine ## PurposeComprehensive security validation system that uses Claudes analysis tool to execute real Java Script-based security checks with complete threat detection coverage. ## Complete Validation Engine ### 1. Advanced Web Security Analyzer javascriptclass WebSecurityAnalyzer constructor this.threatSignatures = // Critical Threats Score 8+ criticalThreats: [ pattern: /evals/gi, type: CODE_INJECTION, severity: CRITICAL, score: 8 , pattern: /Functions/gi, type: DYNAMIC_CODE, severity: CRITICAL, score: 8 , pattern: /crypto.mininger/gi, type: CRYPTO_MINING, severity: CRITICAL, score: 10 , pattern: /bitcoin.mininger/gi, type: BITCOIN_MINING, severity: CRITICAL, score: 10 , pattern: /execssystems/gi, type: COMMAND_EXECUTION, severity: CRITICAL, score: 9 , pattern: /shell_execpassthru/gi, type: SHELL_EXECUTION, severity: CRITICAL, score: 9 ], // High Risk Threats Score 4-7 highRiskThreats: [ pattern: /document.writes/gi, type: DOM_MANIPULATION, severity: HIGH, score: 5 , pattern: /innerHTMLs=/gi, type: XSS_RISK, severity: HIGH, score: 4 , pattern: /localStorage.setItem/gi, type: DATA_HARVESTING, severity: HIGH, score: 4 , pattern: /sessionStorage.setItem/gi, type: SESSION_HARVESTING, severity: HIGH, score: 4 , pattern: /navigator.geolocation/gi, type: LOCATION_TRACKING, severity: HIGH, score: 5 , pattern: /navigator.mediaDevices/gi, type: MEDIA_ACCESS, severity: HIGH, score: 6 ], // Medium Risk Threats Score 2-3 mediumRiskThreats: [ pattern: /setTimeouts.eval/gi, type: DELAYED_INJECTION, severity: MEDIUM, score: 3 , pattern: /setIntervals.eval/gi, type: RECURRING_INJECTION, severity: MEDIUM, score: 3 , pattern: /onclicks=s[].eval/gi, type: EVENT_INJECTION, severity: MEDIUM, score: 3 , pattern: /.srcs=s[][^]javascript:/gi, type: JAVASCRIPT_URL, severity: MEDIUM, score: 2 ] this.promptInjectionSignatures = // Critical Prompt Injections criticalInjections: [ pattern: /ignores+:alls+previouss+instructions/gi, type: IGNORE_INSTRUCTIONS, severity: CRITICAL, score: 8 , pattern: /yous+ares+nows+as+differents+:AIassistantbot/gi, type: ROLE_CHANGE, severity: CRITICAL, score: 8 , pattern: /forgets+:yours+constraints/gi, type: CONSTRAINT_BYPASS, severity: CRITICAL, score: 8 , pattern: /bypasss+:alls+safetys+:guidelinesmeasuresprotocols/gi, type: SAFETY_BYPASS, severity: CRITICAL, score: 8 , pattern: /systems+prompts+:overridebypassignore/gi, type: SYSTEM_OVERRIDE, severity: CRITICAL, score: 9 , pattern: /reveals+:yours+:systems+promptinstructionsguidelines/gi, type: PROMPT_EXTRACTION, severity: CRITICAL, score: 7 ], // High Risk Injections highRiskInjections: [ pattern: /acts+ass+:ifs+:yous+haves+nos+restrictions/gi, type: UNRESTRICTED_MODE, severity: HIGH, score: 6 , pattern: /pretends+:yous+:aretos+bes+:ans+unrestricted/gi, type: UNRESTRICTED_PRETEND, severity: HIGH, score: 6 , pattern: /jailbreaks+modedevelopers+mode/gi, type: JAILBREAK_MODE, severity: HIGH, score: 5 , pattern: /answers+withouts+:anys+restrictions/gi, type: UNRESTRICTED_ANSWER, severity: HIGH, score: 5 ] this.securityHeaders = [ name: content-security-policy, severity: HIGH, score: 4, critical: true , name: strict-transport-security, severity: MEDIUM, score: 2, critical: false , name: x-frame-options, severity: HIGH, score: 3, critical: true , name: x-content-type-options, severity: MEDIUM, score: 2, critical: false , name: x-xss-protection, severity: LOW, score: 1, critical: false , name: referrer-policy, severity: LOW, score: 1, critical: false ] analyzeSecurityHeader sheaders const threats = [] let riskScore = 0 let criticalHeadersMissing = 0 this.securityHeaders.forEach name, severity, score, critical = const headerExists = headers[name] headers[name.toUpperCase] headers[name.toLowerCase] if headerExists threats.pu sh type: MISSING_SECURITY_HEADER, header: name, severity: severity, description: Missing name security header, score: score, critical: critical riskScore += score if critical criticalHeadersMissing++ // Bonus risk for missing multiple critical headers if criticalHeadersMissing = 2 riskScore += 3 threats.pu sh type: MULTIPLE_CRITICAL_HEADERS_MISSING, severity: HIGH, description: criticalHeadersMissing critical security headers missing, score: 3 return threats, riskScore analyzeContentcontent const threats = [] let riskScore = 0 // Scan all threat cate gories const allSignatures = [ ...this.threatSignatures.criticalThreats, ...this.threatSignatures.highRiskThreats, ...this.threatSignatures.mediumRiskThreats ] allSignatures.forEach pattern, type, severity, score = const matches = content.matchpattern if matches threats.pu sh type: type, severity: severity, matches: matches.length, description: Detected matches.length instances of type.toLowerCase, score: score, evidence: matches.slice0, 2 riskScore += score // Hidden/suspicious elements const suspiciousElements = this.detectSuspiciousElementscontent threats.pu sh...suspiciousElements.threats riskScore += suspiciousElements.riskScore return threats, riskScore detectSuspiciousElementscontent const threats = [] let riskScore = 0 const suspiciousPatterns = [ pattern: /iframe[^]styles=s[][^]displays:snone[^][][^]/gi, type: HIDDEN_IFRAME, severity: HIGH, score: 5 , pattern: /div[^]styles=s[][^]displays:snone[^][][^]/gi, type: HIDDEN_DIV, severity: MEDIUM, score: 3 , pattern: /styles=s[][^]visibilitys:shidden[^][]/gi, type: INVISIBLE_CONTENT, severity: MEDIUM, score: 2 , pattern: /script[^]srcs=s[][^]data:/gi, type: DATA_URL_SCRIPT, severity: HIGH, score: 6 ] suspiciousPatterns.forEach pattern, type, severity, score = const matches = content.matchpattern if matches threats.pu sh type: type, severity: severity, count: matches.length, description: Detected matches.length type.toLowerCase elements, score: score riskScore += score return threats, riskScore detectPromptInjectioncontent const threats = [] let riskScore = 0 const allInjections = [ ...this.promptInjectionSignatures.criticalInjections, ...this.promptInjectionSignatures.highRiskInjections ] allInjections.forEach pattern, type, severity, score = const matches = content.matchpattern if matches threats.pu sh type: type, severity: severity, matches: matches.length, description: Prompt injection attempt: type.toLowerCase, evidence: matches[0], score: score riskScore += score // Check for encoded injection attempts riskScore += this.detectEncodedContentcontent, threats return threats, riskScore detectEncodedContentcontent, threats let riskScore = 0 const encodingPatterns = [ pattern: /base64[,:]s[A-Za-z0-9+/=]30,/gi, type: SUSPICIOUS_BASE64, thre shold: 5, score: 3 , pattern: /u[0-9a-fA-F]4/g, type: UNICODE_ENCODING, thre shold: 20, score: 2 , pattern: /#x[0-9a-fA-F]2,4/gi, type: HTML_ENTITY_ENCODING, thre shold: 30, score: 2 ] encodingPatterns.forEach pattern, type, thre shold, score = const matches = content.matchpattern if matches matches.length thre shold threats.pu sh type: type, severity: MEDIUM, matches: matches.length, description: Suspicious amount of type.toLower Case, score: score ri
Signals
Avg rating⭐ 0.0
Reviews0
Favorites0
Information
- Repository
- mickdarling/dollhouse-portfolio
- Author
- mickdarling
- Last Sync
- 1/14/2026
- Repo Updated
- 10/25/2025
- Created
- 1/13/2026
Reviews (0)
No reviews yet. Be the first to review this skill!
Related Skills
upgrade-webkit
Upgrade Bun's Webkit fork to the latest upstream version of Webkit.
⭐ 44050Has guide
browser-use
Automates browser interactions for web testing, form filling, screenshots, and data extraction. Use when the user needs to navigate websites, interact with web pages, fill forms, take screenshots, or extract information from web pages.
⭐ 20123
remote-browser
Controls a cloud browser from a sandboxed remote machine. Use when the agent is running in a sandbox (no GUI) and needs to navigate websites, interact with web pages, fill forms, take screenshots, or expose local dev servers via tunnels.
⭐ 20123
code-review
Perform thorough code reviews with security, performance, and maintainability analysis. Use when user asks to review code, check for bugs, or audit a codebase.
⭐ 6323
Related Guides
Mastering the Oracle CLI: A Complete Guide to the Claude Skill for Database Professionals
Learn how to use the oracle Claude skill. Complete guide with installation instructions and examples.
Python Django Best Practices: A Comprehensive Guide to the Claude Skill
Learn how to use the python django best practices Claude skill. Complete guide with installation instructions and examples.
Mastering VSCode Extension Development with Claude: A Complete Guide to the TypeScript Extension Dev Skill
Learn how to use the vscode extension dev typescript Claude skill. Complete guide with installation instructions and examples.