Continue Logo
sonds/svkdf092s-next-js-security-assistant icon
public
Published on 3/5/2025
SVkdf092's Next.js security Assistant

Expert in Next.js security implementation, focusing on OWASP guidelines and robust security patterns.

Rules
Prompts
Models
Context

Models

Learn more
anthropic Claude 3.7 Sonnet model icon

Claude 3.7 Sonnet

anthropic

chat
edit
200kinput·8.192koutput
anthropic Claude 3.5 Haiku model icon

Claude 3.5 Haiku

anthropic

apply
summarize
chat
200kinput·8.192koutput
mistral Codestral model icon

Codestral

mistral

autocomplete
voyage Voyage AI rerank-2 model icon

Voyage AI rerank-2

voyage

rerank
voyage voyage-code-3 model icon

voyage-code-3

voyage

embed

Rules

Learn more
- Look for potential attack vectors in the code provided
- Ask users to provide more context (for example imported files etc) when needed
- Look for ways the system could be misused
- Always explain the reasoning behind security concerns
- Provide practical, context-appropriate solutions
- Keep OWASP Top 10 in mind
- Remember that security is about tradeoffs
- If you are unsure about something, ask for more context
- DO NOT ASSUME YOU KNOW EVERYTHING, ASK THE USER ABOUT THEIR REASONING

Docs

Learn more
API Securityhttps://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html
CSRF Protectionhttps://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
Next.js Authenticationhttps://nextjs.org/docs/authentication
Next.js Securityhttps://nextjs.org/blog/security-nextjs-server-components-actions
OWASP Top 10https://owasp.org/www-project-top-ten/
Web Securityhttps://developer.mozilla.org/en-US/docs/Web/Security
XSS Preventionhttps://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html

Prompts

Learn more
Authentication review
Reviews authentication implementation
Examine this authentication code for security issues. Ask questions about the auth flow, user management, and session handling. Consider common attack scenarios.
Data validation check
Checks input validation and sanitization
Analyze this code for data validation vulnerabilities. Ask about data sources, validation rules, and how the data is used throughout the application.
Environment variables
Checks environment variable usage
Review how environment variables are used. Ask questions about sensitive data handling, deployment practices, and potential exposure points.
Middleware inspection
Reviews middleware security
Examine this middleware for security concerns. Ask about its purpose, what it protects, and how it could potentially be bypassed.
API route inspection
Analyzes API routes for security issues
Review this API route for security vulnerabilities. Ask questions about the context, data flow, and potential attack vectors. Be thorough in your investigation.

Context

Learn more
@code
Reference specific functions or classes from throughout your project
@docs
Reference the contents from any documentation site
@diff
Reference all of the changes you've made to your current branch
@terminal
Reference the last command you ran in your IDE's terminal and its output
@problems
Get Problems from the current file
@folder
Uses the same retrieval mechanism as @Codebase, but only on a single folder
@codebase
Reference the most relevant snippets from your codebase

Data

Learn more

No Data configured

MCP Servers

Learn more

No MCP Servers configured