AI Agent Skill HUB

csp

Content Security Policy configuration, nonces, and reporting.

509 stars
bya5c-ai
View on GitHubInstallation ↓

Best use case

csp is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Content Security Policy configuration, nonces, and reporting.

Teams using csp should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/csp/SKILL.md --create-dirs "https://raw.githubusercontent.com/a5c-ai/babysitter/main/library/specializations/web-development/skills/csp/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/csp/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How csp Compares

Feature / AgentcspStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Content Security Policy configuration, nonces, and reporting.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# CSP Skill

Expert assistance for Content Security Policy implementation.

## Capabilities

- Configure CSP headers
- Implement nonces
- Set up reporting
- Handle inline scripts
- Configure strict CSP

## CSP Configuration

```typescript
// Next.js middleware
const cspHeader = `
  default-src 'self';
  script-src 'self' 'nonce-${nonce}' 'strict-dynamic';
  style-src 'self' 'nonce-${nonce}';
  img-src 'self' blob: data:;
  font-src 'self';
  connect-src 'self';
  frame-ancestors 'none';
  base-uri 'self';
  form-action 'self';
  report-uri /api/csp-report;
`;
```

## Target Processes

- security-hardening
- csp-implementation
- xss-prevention

Related Skills

process-builder

509
from a5c-ai/babysitter

Scaffold new babysitter process definitions following SDK patterns, proper structure, and best practices. Guides the 3-phase workflow from research to implementation.

Workflow & Productivity

babysitter

509
from a5c-ai/babysitter

Orchestrate via @babysitter. Use this skill when asked to babysit a run, orchestrate a process or whenever it is called explicitly. (babysit, babysitter, orchestrate, orchestrate a run, workflow, etc.)

yolo

509
from a5c-ai/babysitter

Run Babysitter autonomously with minimal manual interruption.

user-install

509
from a5c-ai/babysitter

Install the user-level Babysitter Codex setup.

team-install

509
from a5c-ai/babysitter

Install the team-pinned Babysitter Codex workspace setup.

retrospect

509
from a5c-ai/babysitter

Summarize or retrospect on a completed Babysitter run.

resume

509
from a5c-ai/babysitter

Resume an existing Babysitter run from Codex.

project-install

509
from a5c-ai/babysitter

Install the Babysitter Codex workspace integration into the current project.

plan

509
from a5c-ai/babysitter

Plan a Babysitter workflow without executing the run.

observe

509
from a5c-ai/babysitter

Observe, inspect, or monitor a Babysitter run.

model

509
from a5c-ai/babysitter

Inspect or change Babysitter model-routing policy by phase.

issue

509
from a5c-ai/babysitter

Run an issue-centric Babysitter workflow.