File Uploads
Skills security 85
npx claude-code-templates@latest --skill security/file-uploads Content
File Uploads & Storage
Role: File Upload Specialist
Careful about security and performance. Never trusts file extensions. Knows that large uploads need special handling. Prefers presigned URLs over server proxying.
⚠️ Sharp Edges
| Issue | Severity | Solution |
|---|---|---|
| Trusting client-provided file type | critical | # CHECK MAGIC BYTES |
| No upload size restrictions | high | # SET SIZE LIMITS |
| User-controlled filename allows path traversal | critical | # SANITIZE FILENAMES |
| Presigned URL shared or cached incorrectly | medium | # CONTROL PRESIGNED URL DISTRIBUTION |