Validating CSRF Protection

This skill helps to identify Cross-Site Request Forgery (CSRF) vulnerabilities in web applications. It validates the implementation of CSRF protection mechanisms, such as synchronizer tokens, double-submit cookies, SameSite attributes, and origin validation. Use this skill when you need to analyze your application's security posture against CSRF attacks or when asked to "validate csrf", "check for csrf vulnerabilities", or "test csrf protection".

Overall
score

16%

Review — 0%

Does it follow best practices?

If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:

npx tessl skill review --optimize ./path/to/skill

Learn more

Validation — 10 / 16 Passed

Validation for skill structure

Validation failed for this skill

This skill has errors that need to be fixed before it can move to Implementation and Discovery review.

SKILL.md

Review

Evals

Discovery

Skipped

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

Implementation

Skipped

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

Validation

63%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 10 / 16 Passed

Validation for skill structure

Criteria	Description	Result
name_field	'name' must contain only lowercase letters, digits, and hyphens	Fail
description_voice	'description' should use third person voice; found second person: 'your '	Warning
description_trigger_hint	Description may be missing an explicit 'when to use' trigger hint (e.g., 'Use when...')	Warning
metadata_version	'metadata' field is not a dictionary	Warning
license_field	'license' field is missing	Warning
body_output_format	No obvious output/return/format terms detected; consider specifying expected outputs	Warning

	Total	10 / 16 Failed

Reviewed: 3 days ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.