陌讯skills聚合平台

security-headers

📁 fusengine/agents 📅 Today
3
总安装量
1
周安装量
#62001
全站排名
安装命令
npx skills add https://github.com/fusengine/agents --skill security-headers

Agent 安装分布

amp 1
cline 1
opencode 1
cursor 1
continue 1
kimi-cli 1

Skill 文档

Security Headers Skill

Overview

Audit and configure HTTP security headers for web applications.

Required Headers

Header Purpose Severity if Missing
Content-Security-Policy Prevent XSS/injection HIGH
Strict-Transport-Security Force HTTPS HIGH
X-Content-Type-Options Prevent MIME sniffing MEDIUM
X-Frame-Options Prevent clickjacking MEDIUM
Referrer-Policy Control referrer info LOW
Permissions-Policy Control browser features LOW
X-XSS-Protection Legacy XSS filter LOW

Workflow

  1. Detect framework (Next.js, Laravel, Express, etc.)
  2. Check current header configuration
  3. Compare against security best practices
  4. Generate framework-specific configuration
  5. Validate headers are properly set

Detection Points

Framework Config Location
Next.js next.config.js headers, middleware.ts
Laravel SecurityHeaders middleware
Express helmet middleware
Django SECURE_* settings

References

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。