·open-cors-anti-pattern
!

open-cors-anti-pattern

igbuend/grimbardGitHub: igbuend/grimbardSource: igbuend/grimbard

Security anti-pattern for open Cross-Origin Resource Sharing (CORS) policies (CWE-942). Use when generating or reviewing server configurations, API backends, or any code that sets CORS headers. Detects overly permissive Access-Control-Allow-Origin headers, including wildcard, null origin, and reflected origin.

igbuend·open·cors·anti·pattern
4Installs·0Trend·@igbuend

Installation

GitHub: igbuend/grimbard
$npx skills add https://github.com/igbuend/grimbard --skill open-cors-anti-pattern

How to Install open-cors-anti-pattern

Quickly install open-cors-anti-pattern AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/igbuend/grimbard --skill open-cors-anti-pattern
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: igbuend/grimbard.

SKILL.md

View raw

Misconfigured CORS policies allow any website to make authenticated requests on behalf of users. Servers responding with Access-Control-Allow-Origin: or reflecting client Origin headers enable data theft and unauthorized actions.

The anti-pattern is overly permissive Access-Control-Allow-Origin headers: wildcard () or reflecting client Origin values.

curl -H "Origin: https://evil.com" -I https://yourapp.com/api/some-endpoint Check if the response contains Access-Control-Allow-Origin: https://evil.com.

Security anti-pattern for open Cross-Origin Resource Sharing (CORS) policies (CWE-942). Use when generating or reviewing server configurations, API backends, or any code that sets CORS headers. Detects overly permissive Access-Control-Allow-Origin headers, including wildcard, null origin, and reflected origin. Source: igbuend/grimbard.

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/igbuend/grimbard --skill open-cors-anti-pattern
Source
igbuend/grimbard
Category
!Security
Verified
First Seen
2026-03-13
Updated
2026-03-13
URL
https://www.learn-skills.dev/en/skills/igbuend/grimbard/open-cors-anti-pattern

Browse more skills from igbuend/grimbard

Quick answers

What is open-cors-anti-pattern?

Security anti-pattern for open Cross-Origin Resource Sharing (CORS) policies (CWE-942). Use when generating or reviewing server configurations, API backends, or any code that sets CORS headers. Detects overly permissive Access-Control-Allow-Origin headers, including wildcard, null origin, and reflected origin. Source: igbuend/grimbard.

How do I install open-cors-anti-pattern?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/igbuend/grimbard --skill open-cors-anti-pattern Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/igbuend/grimbard

Details

Category
!Security
Source
skills.sh
First Seen
2026-03-13

Related Skills

tikz
17 Installs
ethical-hacking-ethics
6 Installs
insufficient-randomness-anti-pattern
6 Installs
pgfplots
6 Installs
biblatex
5 Installs
weak-encryption-anti-pattern
5 Installs