Global Validation
Implement comprehensive server-side validation, with client-side validation for user experience, using allowlists and sanitization to prevent injection attacks.
By Skills Guide Bot
Security | Intermediate | 1 views | 0 installs | 28/02/2026 | Claude Code
input-validation, security, sanitization, injection-prevention, data-integrity
name: Global Validation
description: Implement comprehensive input validation on server-side with complementary client-side validation for user experience, using allowlists, type checking, and sanitization to prevent injection attacks. Use this skill when validating user inputs, form data, API requests, file uploads, query parameters, or any external data entering the application. Apply this skill when implementing server-side validation as the primary security layer, adding client-side validation for immediate user feedback, validating data types and formats, checking ranges and required fields, sanitizing inputs to prevent SQL injection and XSS attacks, using allowlists over blocklists, providing field-specific error messages, or enforcing business rules at appropriate application layers. This skill ensures validation happens at all entry points consistently, security is never dependent on client-side checks alone, users receive helpful immediate feedback, and data integrity is maintained through multiple layers of validation.
Global Validation
This Skill provides Claude Code with specific guidance on how to adhere to coding standards as they relate to how it should handle global validation.
When to use this skill
- When implementing server-side validation for API endpoints, forms, or data processing
- When adding client-side validation for immediate user feedback (but always duplicating the same checks server-side)
- When validating user inputs in forms, search fields, or text inputs
- When processing API request payloads, query parameters, or file uploads
- When sanitizing inputs to prevent SQL injection, XSS, or command injection attacks
- When validating data types, formats (email, phone, date), required fields, and ranges
- When providing specific, helpful error messages for each validation failure
- When using allowlists (defining what's allowed) rather than blocklists (blocking bad patterns)
- When implementing business rule validation (sufficient balance, valid dates, inventory checks)
- When ensuring validation is applied consistently across all entry points (web, API, background jobs)
- When failing early by rejecting invalid data before processing or storing it
- When working with form validation libraries or schema validation tools (Yup, Zod, Joi, Pydantic)
- When adding validation error handling in UI components or API error responses
- When testing validation logic to ensure security and data integrity
Instructions
For details, refer to the information provided in this file: global validation
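Several of the points listed above (allowlists over blocklists, type and range checks, field-specific error messages, rejecting invalid data before it is stored) combined in one server-side validator. This is an added example, not part of the skill itself; the order fields, the error messages, the `orders` table and the function names are assumptions made for illustration, and the payloads in `demo()` are constructed.

```python
import re
import sqlite3

# Allowlists for a hypothetical order form: state what is accepted, not what is bad.
ALLOWED_FIELDS = {"email", "quantity", "shipping"}
ALLOWED_SHIPPING = {"standard", "express", "pickup"}
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,190}\.[A-Za-z]{2,24}")

def validate_order(payload):
    """Return (clean, errors); errors maps a field name to its message."""
    if not isinstance(payload, dict):
        return {}, {"_body": "Request body must be an object."}
    clean, errors = {}, {}
    for name in sorted(set(payload) - ALLOWED_FIELDS):
        errors[name] = "Unknown field."
    email = payload.get("email")
    if not isinstance(email, str) or not EMAIL_RE.fullmatch(email):
        errors["email"] = "Enter a valid email address."
    else:
        clean["email"] = email.lower()
    qty = payload.get("quantity")
    # bool is a subclass of int in Python, so exclude it explicitly.
    if isinstance(qty, bool) or not isinstance(qty, int):
        errors["quantity"] = "Quantity must be an integer."
    elif not 1 <= qty <= 100:
        errors["quantity"] = "Quantity must be between 1 and 100."
    else:
        clean["quantity"] = qty
    shipping = payload.get("shipping")
    if not isinstance(shipping, str) or shipping not in ALLOWED_SHIPPING:
        errors["shipping"] = "Shipping must be standard, express or pickup."
    else:
        clean["shipping"] = shipping
    return ({}, errors) if errors else (clean, {})

def store_order(db, payload):
    """Fail early: nothing is written unless every field validated."""
    clean, errors = validate_order(payload)
    if not errors:
        # Parameterized query: values are bound, never concatenated into SQL.
        db.execute("INSERT INTO orders VALUES (:email, :quantity, :shipping)", clean)
    return errors

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (email TEXT, quantity INTEGER, shipping TEXT)")
    good = {"email": "Alice@Example.com", "quantity": 2, "shipping": "express"}  # constructed
    bad = {"email": "x' OR '1'='1", "quantity": "2", "shipping": "drone", "admin": True}
    outcomes = [store_order(db, good), store_order(db, bad)]
    return outcomes, db.execute("SELECT * FROM orders").fetchall()
```

The returned `errors` mapping can be sent back as the API error response or attached to the matching form fields; a client-side check can mirror the same rules for quicker feedback, but only this server-side result decides what is stored.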