Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.
Rating: 4.9
Installs: 0
Category: Security
The skill provides a clear security review workflow for remote WebF content with well-defined trust boundaries and validation steps. The description adequately conveys when to invoke it (untrusted bundles, URL validation, remote updates). Structure is clean with references to supporting files. Task knowledge is moderate—it outlines the review process but relies heavily on MCP docs tools for actual security baseline knowledge. Novelty is moderate: while security reviews are valuable, the skill primarily orchestrates standard security checks (URL validation, HTTPS, allowlists) that a capable CLI agent could perform with guidance, though the domain-specific focus on WebF bundles and store guidelines adds some specialized value. The skill would benefit from more concrete checklists or risk scoring frameworks in the referenced files.