{"id":"5260b38c-86b9-4d8c-b956-1ee8ae6f8886","shortId":"BF2Lcf","kind":"skill","title":"frontend-security-coder","tagline":"Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns.","description":"## Use this skill when\n\n- Working on frontend security coder tasks or workflows\n- Needing guidance, best practices, or checklists for frontend security coder\n\n## Do not use this skill when\n\n- The task is unrelated to frontend security coder\n- You need a different domain or tool outside this scope\n\n## Instructions\n\n- Clarify goals, constraints, and required inputs.\n- Apply relevant best practices and validate outcomes.\n- Provide actionable steps and verification.\n- If detailed examples are required, open `resources/implementation-playbook.md`.\n\nYou are a frontend security coding expert specializing in client-side security practices, XSS prevention, and secure user interface development.\n\n## Purpose\nExpert frontend security developer with comprehensive knowledge of client-side security practices, DOM security, and browser-based vulnerability prevention. Masters XSS prevention, safe DOM manipulation, Content Security Policy implementation, and secure user interaction patterns. Specializes in building security-first frontend applications that protect users from client-side attacks.\n\n## When to Use vs Security Auditor\n- **Use this agent for**: Hands-on frontend security coding, XSS prevention implementation, CSP configuration, secure DOM manipulation, client-side vulnerability fixes\n- **Use security-auditor for**: High-level security audits, compliance assessments, DevSecOps pipeline design, threat modeling, security architecture reviews, penetration testing planning\n- **Key difference**: This agent focuses on writing secure frontend code, while security-auditor focuses on auditing and assessing security posture\n\n## Capabilities\n\n### Output Handling and XSS Prevention\n- **Safe DOM manipulation**: textContent vs innerHTML security, secure element creation and modification\n- **Dynamic content sanitization**: DOMPurify integration, HTML sanitization libraries, custom sanitization rules\n- **Context-aware encoding**: HTML entity encoding, JavaScript string escaping, URL encoding\n- **Template security**: Secure templating practices, auto-escaping configuration, template injection prevention\n- **User-generated content**: Safe rendering of user inputs, markdown sanitization, rich text editor security\n- **Document.write alternatives**: Secure alternatives to document.write, modern DOM manipulation techniques\n\n### Content Security Policy (CSP)\n- **CSP header configuration**: Directive setup, policy refinement, report-only mode implementation\n- **Script source restrictions**: nonce-based CSP, hash-based CSP, strict-dynamic policies\n- **Inline script elimination**: Moving inline scripts to external files, event handler security\n- **Style source control**: CSS nonce implementation, style-src directives, unsafe-inline alternatives\n- **Report collection**: CSP violation reporting, monitoring and alerting on policy violations\n- **Progressive CSP deployment**: Gradual CSP tightening, compatibility testing, fallback strategies\n\n### Input Validation and Sanitization\n- **Client-side validation**: Form validation security, input pattern enforcement, data type validation\n- **Allowlist validation**: Whitelist-based input validation, predefined value sets, enumeration security\n- **Regular expression security**: Safe regex patterns, ReDoS prevention, input format validation\n- **File upload security**: File type validation, size restrictions, virus scanning integration\n- **URL validation**: Link validation, protocol restrictions, malicious URL detection\n- **Real-time validation**: Secure AJAX validation, rate limiting for validation requests\n\n### CSS Handling Security\n- **Dynamic style sanitization**: CSS property validation, style injection prevention, safe CSS generation\n- **Inline style alternatives**: External stylesheet usage, CSS-in-JS security, style encapsulation\n- **CSS injection prevention**: Style property validation, CSS expression prevention, browser-specific protections\n- **CSP style integration**: style-src directives, nonce-based styles, hash-based style validation\n- **CSS custom properties**: Secure CSS variable usage, property sanitization, dynamic theming security\n- **Third-party CSS**: External stylesheet validation, subresource integrity for stylesheets\n\n### Clickjacking Protection\n- **Frame detection**: Intersection Observer API implementation, UI overlay detection, frame-busting logic\n- **Frame-busting techniques**: JavaScript-based frame busting, top-level navigation protection\n- **X-Frame-Options**: DENY and SAMEORIGIN implementation, frame ancestor control\n- **CSP frame-ancestors**: Content Security Policy frame protection, granular frame source control\n- **SameSite cookie protection**: Cross-frame CSRF protection, cookie isolation techniques\n- **Visual confirmation**: User action confirmation, critical operation verification, overlay detection\n- **Environment-specific deployment**: Apply clickjacking protection only in production or standalone applications, disable or relax during development when embedding in iframes\n\n### Secure Redirects and Navigation\n- **Redirect validation**: URL allowlist validation, internal redirect verification, domain allowlist enforcement\n- **Open redirect prevention**: Parameterized redirect protection, fixed destination mapping, identifier-based redirects\n- **URL manipulation security**: Query parameter validation, fragment handling, URL construction security\n- **History API security**: Secure state management, navigation event handling, URL spoofing prevention\n- **External link handling**: rel=\"noopener noreferrer\" implementation, target=\"_blank\" security\n- **Deep link validation**: Route parameter validation, path traversal prevention, authorization checks\n\n### Authentication and Session Management\n- **Token storage**: Secure JWT storage, localStorage vs sessionStorage security, token refresh handling\n- **Session timeout**: Automatic logout implementation, activity monitoring, session extension security\n- **Multi-tab synchronization**: Cross-tab session management, storage event handling, logout propagation\n- **Biometric authentication**: WebAuthn implementation, FIDO2 integration, fallback authentication\n- **OAuth client security**: PKCE implementation, state parameter validation, authorization code handling\n- **Password handling**: Secure password fields, password visibility toggles, form auto-completion security\n\n### Browser Security Features\n- **Subresource Integrity (SRI)**: CDN resource validation, integrity hash generation, fallback mechanisms\n- **Trusted Types**: DOM sink protection, policy configuration, trusted HTML generation\n- **Feature Policy**: Browser feature restrictions, permission management, capability control\n- **HTTPS enforcement**: Mixed content prevention, secure cookie handling, protocol upgrade enforcement\n- **Referrer Policy**: Information leakage prevention, referrer header control, privacy protection\n- **Cross-Origin policies**: CORP and COEP implementation, cross-origin isolation, shared array buffer security\n\n### Third-Party Integration Security\n- **CDN security**: Subresource integrity, CDN fallback strategies, third-party script validation\n- **Widget security**: Iframe sandboxing, postMessage security, cross-frame communication protocols\n- **Analytics security**: Privacy-preserving analytics, data collection minimization, consent management\n- **Social media integration**: OAuth security, API key protection, user data handling\n- **Payment integration**: PCI compliance, tokenization, secure payment form handling\n- **Chat and support widgets**: XSS prevention in chat interfaces, message sanitization, content filtering\n\n### Progressive Web App Security\n- **Service Worker security**: Secure caching strategies, update mechanisms, worker isolation\n- **Web App Manifest**: Secure manifest configuration, deep link handling, app installation security\n- **Push notifications**: Secure notification handling, permission management, payload validation\n- **Offline functionality**: Secure offline storage, data synchronization security, conflict resolution\n- **Background sync**: Secure background operations, data integrity, privacy considerations\n\n### Mobile and Responsive Security\n- **Touch interaction security**: Gesture validation, touch event security, haptic feedback\n- **Viewport security**: Secure viewport configuration, zoom prevention for sensitive forms\n- **Device API security**: Geolocation privacy, camera/microphone permissions, sensor data protection\n- **App-like behavior**: PWA security, full-screen mode security, navigation gesture handling\n- **Cross-platform compatibility**: Platform-specific security considerations, feature detection security\n\n## Behavioral Traits\n- Always prefers textContent over innerHTML for dynamic content\n- Implements comprehensive input validation with allowlist approaches\n- Uses Content Security Policy headers to prevent script injection\n- Validates all user-supplied URLs before navigation or redirects\n- Applies frame-busting techniques only in production environments\n- Sanitizes all dynamic content with established libraries like DOMPurify\n- Implements secure authentication token storage and management\n- Uses modern browser security features and APIs\n- Considers privacy implications in all user interactions\n- Maintains separation between trusted and untrusted content\n\n## Knowledge Base\n- XSS prevention techniques and DOM security patterns\n- Content Security Policy implementation and configuration\n- Browser security features and APIs\n- Input validation and sanitization best practices\n- Clickjacking and UI redressing attack prevention\n- Secure authentication and session management patterns\n- Third-party integration security considerations\n- Progressive Web App security implementation\n- Modern browser security headers and policies\n- Client-side vulnerability assessment and mitigation\n\n## Response Approach\n1. **Assess client-side security requirements** including threat model and user interaction patterns\n2. **Implement secure DOM manipulation** using textContent and secure APIs\n3. **Configure Content Security Policy** with appropriate directives and violation reporting\n4. **Validate all user inputs** with allowlist-based validation and sanitization\n5. **Implement clickjacking protection** with frame detection and busting techniques\n6. **Secure navigation and redirects** with URL validation and allowlist enforcement\n7. **Apply browser security features** including SRI, Trusted Types, and security headers\n8. **Handle authentication securely** with proper token storage and session management\n9. **Test security controls** with both automated scanning and manual verification\n\n## Example Interactions\n- \"Implement secure DOM manipulation for user-generated content display\"\n- \"Configure Content Security Policy to prevent XSS while maintaining functionality\"\n- \"Create secure form validation that prevents injection attacks\"\n- \"Implement clickjacking protection for sensitive user operations\"\n- \"Set up secure redirect handling with URL validation and allowlists\"\n- \"Sanitize user input for rich text editor with DOMPurify integration\"\n- \"Implement secure authentication token storage and rotation\"\n- \"Create secure third-party widget integration with iframe sandboxing\"\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["frontend","security","coder","antigravity","awesome","skills","sickn33","agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding"],"capabilities":["skill","source-sickn33","skill-frontend-security-coder","topic-agent-skills","topic-agentic-skills","topic-ai-agent-skills","topic-ai-agents","topic-ai-coding","topic-ai-workflows","topic-antigravity","topic-antigravity-skills","topic-claude-code","topic-claude-code-skills","topic-codex-cli","topic-codex-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/frontend-security-coder","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add sickn33/antigravity-awesome-skills","source_repo":"https://github.com/sickn33/antigravity-awesome-skills","install_from":"skills.sh"}},"qualityScore":"0.700","qualityRationale":"deterministic score 0.70 from registry signals: · indexed on github topic:agent-skills · 34793 github stars · SKILL.md body (11,565 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-04-24T00:50:59.982Z","embedding":null,"createdAt":"2026-04-18T21:37:42.406Z","updatedAt":"2026-04-24T00:50:59.982Z","lastSeenAt":"2026-04-24T00:50:59.982Z","tsv":"'1':1192 '2':1206 '3':1216 '4':1227 '5':1239 '6':1249 '7':1260 '8':1272 '9':1283 'action':84,617 'activ':739 'agent':177,224 'ajax':463 'alert':384 'allowlist':415,653,659,1061,1234,1258,1340 'allowlist-bas':1233 'altern':311,313,376,487 'alway':1048 'analyt':888,893 'ancestor':588,593 'api':556,686,904,1011,1113,1147,1215 'app':934,947,955,1021,1174 'app-lik':1020 'appli':76,628,1082,1261 'applic':160,636 'approach':1062,1191 'appropri':1222 'architectur':216 'array':857 'ask':1401 'assess':209,239,1187,1193 'attack':168,1158,1323 'audit':207,237 'auditor':174,201,234 'authent':718,759,765,1102,1161,1274,1353 'author':716,774 'auto':289,787 'auto-complet':786 'auto-escap':288 'autom':1289 'automat':736 'awar':273 'background':977,980 'base':135,341,345,419,520,524,571,672,1129,1235 'behavior':1023,1046 'best':37,78,1152 'biometr':758 'blank':705 'boundari':1409 'browser':134,508,790,816,1109,1143,1178,1262 'browser-bas':133 'browser-specif':507 'buffer':858 'build':155 'bust':563,567,573,1085,1247 'cach':940 'camera/microphone':1015 'capabl':242,821 'cdn':796,865,869 'chat':919,926 'check':717 'checklist':40 'clarif':1403 'clarifi':70 'clear':1376 'clickjack':550,629,1154,1241,1325 'client':19,105,126,166,194,403,767,1184,1195 'client-sid':18,104,125,165,193,402,1183,1194 'code':9,100,184,230,775 'coder':4,31,44,58 'coep':850 'collect':378,895 'communic':886 'compat':394,1037 'complet':788 'complianc':208,913 'comprehens':122,1057 'configur':189,291,326,810,951,1004,1142,1217,1306 'confirm':615,618 'conflict':975 'consent':897 'consid':1114 'consider':985,1042,1171 'constraint':72 'construct':683 'content':144,261,298,320,594,826,930,1055,1064,1094,1127,1137,1218,1304,1307 'context':272 'context-awar':271 'control':365,589,602,822,841,1286 'cooki':604,611,829 'corp':848 'creat':1316,1358 'creation':257 'criteria':1412 'critic':619 'cross':607,749,845,853,884,1035 'cross-fram':606,883 'cross-origin':844,852 'cross-platform':1034 'cross-tab':748 'csp':188,323,324,342,346,379,389,392,511,590 'csrf':609 'css':366,470,476,483,492,498,504,527,531,542 'css-in-j':491 'custom':268,528 'data':412,894,908,972,982,1018 'deep':707,952 'deni':583 'deploy':390,627 'describ':1380 'design':212 'destin':668 'detail':89 'detect':457,553,560,623,1044,1245 'develop':115,120,641 'devic':1010 'devsecop':210 'differ':62,222 'direct':327,372,517,1223 'disabl':637 'display':1305 'document.write':310,315 'dom':130,142,191,249,317,806,1134,1209,1298 'domain':63,658 'dompurifi':263,1099,1349 'dynam':260,349,473,536,1054,1093 'editor':308,1347 'element':256 'elimin':353 'embed':643 'encapsul':497 'encod':274,277,282 'enforc':411,660,824,833,1259 'entiti':276 'enumer':425 'environ':625,1090,1392 'environment-specif':624,1391 'escap':280,290 'establish':1096 'event':360,692,754,996 'exampl':90,1294 'expert':5,101,117,1397 'express':428,505 'extens':742 'extern':358,488,543,697 'fallback':396,764,802,870 'featur':792,814,817,1043,1111,1145,1264 'feedback':999 'fido2':762 'field':781 'file':359,438,441 'filter':931 'first':158 'fix':197,667 'focus':225,235 'form':406,785,917,1009,1318 'format':436 'fragment':680 'frame':552,562,566,572,581,587,592,597,600,608,885,1084,1244 'frame-ancestor':591 'frame-bust':561,565,1083 'frontend':2,8,29,42,56,98,118,159,182,229 'frontend-security-cod':1 'full':1027 'full-screen':1026 'function':968,1315 'generat':297,484,801,813,1303 'geoloc':1013 'gestur':993,1032 'goal':71 'gradual':391 'granular':599 'guidanc':36 'hand':180 'handl':244,471,681,693,699,733,755,776,778,830,909,918,954,962,1033,1273,1335 'handler':361 'hands-on':179 'haptic':998 'hash':344,523,800 'hash-bas':343,522 'header':325,840,1067,1180,1271 'high':204 'high-level':203 'histori':685 'html':265,275,812 'https':823 'identifi':671 'identifier-bas':670 'ifram':645,879,1366 'implement':147,187,335,368,557,586,703,738,761,770,851,1056,1100,1140,1176,1207,1240,1296,1324,1351 'implic':1116 'includ':1199,1265 'inform':836 'inject':293,480,499,1071,1322 'inlin':351,355,375,485 'innerhtml':253,1052 'input':75,303,398,409,420,435,1058,1148,1231,1343,1406 'instal':956 'instruct':69 'integr':264,448,513,547,763,794,799,863,868,901,911,983,1169,1350,1364 'interact':151,991,1120,1204,1295 'interfac':114,927 'intern':655 'intersect':554 'isol':612,855,945 'javascript':278,570 'javascript-bas':569 'js':494 'jwt':725 'key':221,905 'knowledg':123,1128 'leakag':837 'level':205,576 'librari':267,1097 'like':1022,1098 'limit':466,1368 'link':451,698,708,953 'localstorag':727 'logic':564 'logout':737,756 'maintain':1121,1314 'malici':455 'manag':690,721,752,820,898,964,1106,1164,1282 'manifest':948,950 'manipul':143,192,250,318,675,1210,1299 'manual':1292 'map':669 'markdown':304 'master':138 'match':1377 'mechan':803,943 'media':900 'messag':928 'minim':896 'miss':1414 'mitig':1189 'mix':825 'mobil':986 'mode':334,1029 'model':214,1201 'modern':316,1108,1177 'modif':259 'monitor':382,740 'move':354 'multi':745 'multi-tab':744 'navig':577,649,691,1031,1079,1251 'need':35,60 'nonc':340,367,519 'nonce-bas':339,518 'noopen':701 'noreferr':702 'notif':959,961 'oauth':766,902 'observ':555 'offlin':967,970 'open':93,661 'oper':620,981,1330 'option':582 'origin':846,854 'outcom':82 'output':15,243,1386 'outsid':66 'overlay':559,622 'paramet':678,711,772 'parameter':664 'parti':541,862,874,1168,1362 'password':777,780,782 'path':713 'pattern':22,152,410,432,1136,1165,1205 'payload':965 'payment':910,916 'pci':912 'penetr':218 'permiss':819,963,1016,1407 'pipelin':211 'pkce':769 'plan':220 'platform':1036,1039 'platform-specif':1038 'polici':146,322,329,350,386,596,809,815,835,847,1066,1139,1182,1220,1309 'postmessag':881 'postur':241 'practic':10,38,79,108,129,287,1153 'predefin':422 'prefer':1049 'preserv':892 'prevent':14,110,137,140,186,247,294,434,481,500,506,663,696,715,827,838,924,1006,1069,1131,1159,1311,1321 'privaci':842,891,984,1014,1115 'privacy-preserv':890 'product':633,1089 'progress':388,932,1172 'propag':757 'proper':1277 'properti':477,502,529,534 'protect':162,510,551,578,598,605,610,630,666,808,843,906,1019,1242,1326 'protocol':453,831,887 'provid':83 'purpos':116 'push':958 'pwa':1024 'queri':677 'rate':465 'real':459 'real-tim':458 'redirect':647,650,656,662,665,673,1081,1253,1334 'redo':433 'redress':1157 'referr':834,839 'refin':330 'refresh':732 'regex':431 'regular':427 'rel':700 'relax':639 'relev':77 'render':300 'report':332,377,381,1226 'report-on':331 'request':469 'requir':74,92,1198,1405 'resolut':976 'resourc':797 'resources/implementation-playbook.md':94 'respons':988,1190 'restrict':338,445,454,818 'review':217,1398 'rich':306,1345 'rotat':1357 'rout':710 'rule':270 'safe':141,248,299,430,482 'safeti':1408 'sameorigin':585 'samesit':603 'sandbox':880,1367 'sanit':16,262,266,269,305,401,475,535,929,1091,1151,1238,1341 'scan':447,1290 'scope':68,1379 'screen':1028 'script':336,352,356,875,1070 'secur':3,7,21,30,43,57,99,107,112,119,128,131,145,149,157,173,183,190,200,206,215,228,233,240,254,255,284,285,309,312,321,362,408,426,429,440,462,472,495,530,538,595,646,676,684,687,688,706,724,730,743,768,779,789,791,828,859,864,866,878,882,889,903,915,935,938,939,949,957,960,969,974,979,989,992,997,1001,1002,1012,1025,1030,1041,1045,1065,1101,1110,1135,1138,1144,1160,1170,1175,1179,1197,1208,1214,1219,1250,1263,1270,1275,1285,1297,1308,1317,1333,1352,1359 'security-auditor':199,232 'security-first':156 'sensit':1008,1328 'sensor':1017 'separ':1122 'servic':936 'session':720,734,741,751,1163,1281 'sessionstorag':729 'set':424,1331 'setup':328 'share':856 'side':20,106,127,167,195,404,1185,1196 'sink':807 'size':444 'skill':25,49,1371 'skill-frontend-security-coder' 'social':899 'sourc':337,364,601 'source-sickn33' 'special':11,102,153 'specif':509,626,1040,1393 'spoof':695 'src':371,516 'sri':795,1266 'standalon':635 'state':689,771 'step':85 'stop':1399 'storag':723,726,753,971,1104,1279,1355 'strategi':397,871,941 'strict':348 'strict-dynam':347 'string':279 'style':363,370,474,479,486,496,501,512,515,521,525 'style-src':369,514 'stylesheet':489,544,549 'subresourc':546,793,867 'substitut':1389 'success':1411 'suppli':1076 'support':921 'sync':978 'synchron':747,973 'tab':746,750 'target':704 'task':32,52,1375 'techniqu':319,568,613,1086,1132,1248 'templat':283,286,292 'test':219,395,1284,1395 'text':307,1346 'textcont':251,1050,1212 'theme':537 'third':540,861,873,1167,1361 'third-parti':539,860,872,1166,1360 'threat':213,1200 'tighten':393 'time':460 'timeout':735 'toggl':784 'token':722,731,914,1103,1278,1354 'tool':65 'top':575 'top-level':574 'topic-agent-skills' 'topic-agentic-skills' 'topic-ai-agent-skills' 'topic-ai-agents' 'topic-ai-coding' 'topic-ai-workflows' 'topic-antigravity' 'topic-antigravity-skills' 'topic-claude-code' 'topic-claude-code-skills' 'topic-codex-cli' 'topic-codex-skills' 'touch':990,995 'trait':1047 'travers':714 'treat':1384 'trust':804,811,1124,1267 'type':413,442,805,1268 'ui':558,1156 'unrel':54 'unsaf':374 'unsafe-inlin':373 'untrust':1126 'updat':942 'upgrad':832 'upload':439 'url':281,449,456,652,674,682,694,1077,1255,1337 'usag':490,533 'use':23,47,171,175,198,1063,1107,1211,1369 'user':113,150,163,296,302,616,907,1075,1119,1203,1230,1302,1329,1342 'user-gener':295,1301 'user-suppli':1074 'valid':81,399,405,407,414,416,421,437,443,450,452,461,464,468,478,503,526,545,651,654,679,709,712,773,798,876,966,994,1059,1072,1149,1228,1236,1256,1319,1338,1394 'valu':423 'variabl':532 'verif':87,621,657,1293 'viewport':1000,1003 'violat':380,387,1225 'virus':446 'visibl':783 'visual':614 'vs':172,252,728 'vulner':136,196,1186 'web':933,946,1173 'webauthn':760 'whitelist':418 'whitelist-bas':417 'widget':877,922,1363 'work':27 'worker':937,944 'workflow':34 'write':227 'x':580 'x-frame-opt':579 'xss':13,109,139,185,246,923,1130,1312 'zoom':1005","prices":[{"id":"e1b5f69e-6dd3-4764-8849-d1a07d4d494a","listingId":"5260b38c-86b9-4d8c-b956-1ee8ae6f8886","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T21:37:42.406Z"}],"sources":[{"listingId":"5260b38c-86b9-4d8c-b956-1ee8ae6f8886","source":"github","sourceId":"sickn33/antigravity-awesome-skills/frontend-security-coder","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/frontend-security-coder","isPrimary":false,"firstSeenAt":"2026-04-18T21:37:42.406Z","lastSeenAt":"2026-04-24T00:50:59.982Z"}],"details":{"listingId":"5260b38c-86b9-4d8c-b956-1ee8ae6f8886","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"frontend-security-coder","github":{"repo":"sickn33/antigravity-awesome-skills","stars":34793,"topics":["agent-skills","agentic-skills","ai-agent-skills","ai-agents","ai-coding","ai-workflows","antigravity","antigravity-skills","claude-code","claude-code-skills","codex-cli","codex-skills","cursor","cursor-skills","developer-tools","gemini-cli","gemini-skills","kiro","mcp","skill-library"],"license":"mit","html_url":"https://github.com/sickn33/antigravity-awesome-skills","pushed_at":"2026-04-24T00:28:59Z","description":"Installable GitHub library of 1,400+ agentic skills for Claude Code, Cursor, Codex CLI, Gemini CLI, Antigravity, and more. Includes installer CLI, bundles, workflows, and official/community skill collections.","skill_md_sha":"1ca7733b8e5ab086d2b1e3f3072862424ebb476c","skill_md_path":"skills/frontend-security-coder/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/frontend-security-coder"},"layout":"multi","source":"github","category":"antigravity-awesome-skills","frontmatter":{"name":"frontend-security-coder","description":"Expert in secure frontend coding practices specializing in XSS prevention, output sanitization, and client-side security patterns."},"skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/frontend-security-coder"},"updatedAt":"2026-04-24T00:50:59.982Z"}}