Xss And Injection Prevention is a production-ready Claude Code skill (quality score 70/100) in the web-security sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/xss-and-injection-prevention/ and loads when your prompt matches the skill's trigger.
When to invoke it: Use when writing or reviewing Visualforce pages, Apex controllers, or LWC components that output user-supplied data, build dynamic queries, or construct HTTP responses. Triggers: 'XSS in Visualforce', 'SOQL injection vulnerability', 'how to encode output in Apex', 'JSENCODE Visualforce', 'open redirect prevention'.
The Xss And Injection Prevention skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It is part of the open ClaudSkills registry, a community-curated catalog of 15,000+ capabilities you can install for Claude Code — the Claude CLI agent.
mkdir -p ~/.claude/skills/xss-and-injection-prevention curl -L https://claudskills.com/skills/xss-and-injection-prevention/SKILL.md \ -o ~/.claude/skills/xss-and-injection-prevention/SKILL.md
Or just download SKILL.md directly and drop it into ~/.claude/skills/xss-and-injection-prevention/. Claude Code auto-discovers it on next session.
Skills live at ~/.claude/skills/xss-and-injection-prevention/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\xss-and-injection-prevention\SKILL.md on Windows. See the full install guide for step-by-step instructions.
The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.
Browse all Security skills in the ClaudSkills registry, or explore these top-rated picks from the same category: