django-security

Django安全最佳实践，身份验证，授权，CSRF保护，SQL注入预防，XSS预防和安全部署配置。

Install with Tessl CLI

npx tessl i github:affaan-m/everything-claude-code --skill django-security

What are skills?

Review — 53%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Validation — 10 / 11 Passed

Validation for skill structure

SKILL.md

Review

Evals

Evaluation results

100%

Production Deployment Configuration for HealthTrack Django App

Production security settings

Criteria

Without context

With context

DEBUG disabled

100%

ALLOWED_HOSTS from env

100%

SSL redirect

100%

Secure cookies

100%

HSTS full config

100%

NoSniff and XSS filter

100%

X-Frame-Options DENY

100%

HttpOnly cookies

100%

SameSite cookies

100%

SECRET_KEY from env

100%

Missing SECRET_KEY raises error

100%

Password validator count

100%

Min password length 12

100%

Without context: $0.4824 · 2m 2s · 22 turns · 29 in / 7,981 out tokens

With context: $0.6298 · 2m 7s · 25 turns · 277 in / 8,208 out tokens

88%

User Profile and Document Sharing Feature

File upload validation and XSS prevention

Criteria

Without context

With context

Extension allowlist validation

100%

File size validation

100%

Validators attached to model/form

100%

No mark_safe on raw user input

100%

escape() or format_html() for inline HTML

100%

Template auto-escape respected

100%

escapejs in JS context

91%

100%

ORM for database queries

100%

CSP header set

Without context: $0.6323 · 3m 2s · 27 turns · 34 in / 10,102 out tokens

With context: $0.6390 · 2m 5s · 27 turns · 279 in / 7,627 out tokens

83%

API Backend for TaskFlow Project Management Tool

DRF API auth, throttling, and custom user model

Criteria

Without context

With context

Custom User model

100%

Email as USERNAME_FIELD

100%

AUTH_USER_MODEL configured

100%

Argon2 primary hasher

100%

Anon throttle class

100%

User throttle class

100%

Throttle rates defined

100%

IsAuthenticated default permission

100%

raise_exception in CBV

Security logging configured

100%

Password validators present

100%

CSRF trusted origins

Without context: $0.6019 · 2m 38s · 25 turns · 32 in / 11,164 out tokens

With context: $0.9029 · 2m 33s · 35 turns · 288 in / 10,160 out tokens

Evaluated: about 17 hours ago
Agent: Claude Code

Table of Contents

Production Deployment Configuration for HealthTrack Django App User Profile and Document Sharing Feature API Backend for TaskFlow Project Management Tool

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.