返回 Skill 列表
extension
分类: 开发与工程无需 API Key

global-validation

实现服务器端验证,使用允许列表、特定错误消息、类型检查和清理来防止安全漏洞并确保数据完整性。在创建或编辑表单请求类时、验证API输入时、在控制器或服务中实现验证规则时、为用户体验编写客户端验证时、清理用户输入以防止注入攻击时、验证业务规则时、实现错误消息显示时,或确保所有应用程序入口点的一致性验证时,使用此技能。

person作者: jakexiaohubgithub

Global Validation

This Skill provides Claude Code with specific guidance on how to adhere to coding standards as they relate to how it should handle global validation.

When to use this skill

  • When creating form request classes in app/Http/Requests/ for validation logic
  • When implementing validation rules in controllers, services, or API endpoints
  • When validating user input from web forms or API requests
  • When writing client-side validation for immediate user feedback (while ensuring server-side validation)
  • When implementing allowlist-based validation (defining what's allowed)
  • When sanitizing user input to prevent SQL injection, XSS, or command injection
  • When creating specific, actionable error messages for validation failures
  • When validating data types, formats, ranges, and required fields
  • When implementing business rule validation (e.g., sufficient balance, valid date ranges)
  • When ensuring consistent validation across web forms, API endpoints, and background jobs
  • When validating file uploads, sizes, and formats
  • When implementing custom validation rules or validators

Instructions

For details, refer to the information provided in this file: global validation