openwebf-security-remote-content

Review security risks and mitigations for remote WebF content (untrusted bundles, URL allowlists, HTTPS, trust boundaries, clickjacking). Use when the user mentions untrusted remote bundles, bundle URL validation/allowlists, or remote updates risk.

View SKILL.md on GitHub Repository

Stars 163

Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/openwebf-security-remote-content

SKILL.md

OpenWebF Security: Remote Content & Trust Boundaries

Instructions

Identify trust boundaries:
- remote bundle URLs
- user-generated content
- bridge/native plugins
Review how URLs are constructed and validated (allowlists, HTTPS, pinning/versioning).
Use MCP docs (“Security”, “Store Guidelines”) as the baseline for recommendations.
Provide remediation steps ordered by severity; do not modify files by default.

If the user is primarily asking about store policy/compliance for remote updates, prefer openwebf-security-store-guidelines.

majiayu000 Core maintainer

Source details

Full Name: majiayu000/claude-skill-registry
Branch: main
Path in repo: skills/data/openwebf-security-remote-content
License: MIT License

Join Our Newsletter

Stay updated with the latest AI tools, news, and offers by subscribing to our weekly newsletter.

Didn't find tool you were looking for?

Search AI Tools

Install this agent skill to your Project

SKILL.md

OpenWebF Security: Remote Content & Trust Boundaries

Instructions