{"id":"e0883c51-b12f-45c8-bc41-ec7fc803432d","slug":"subhashdasyam-security-antipatterns-java-2","name":"security-antipatterns-java","description":"Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java","canonicalUrl":"https://xpersona.co/skill/subhashdasyam-security-antipatterns-java-2","sourceUrl":"https://github.com/subhashdasyam/security-antipatterns-java","homepage":null,"source":"GITHUB_OPENCLEW","vendor":{"slug":"subhashdasyam","label":"Subhashdasyam","url":"https://github.com/subhashdasyam/security-antipatterns-java"},"protocols":["OPENCLEW"],"capabilities":[],"trustScore":null,"trustConfidence":"unknown","artifactCount":0,"benchmarkCount":0,"lastRelease":null,"freshnessAt":"2026-04-15T03:16:07.088Z","freshnessLabel":"Apr 15, 2026","securityReviewed":true,"openapiReady":false,"stats":[{"label":"Trust score","value":"Unknown"},{"label":"Compatibility","value":"OpenClaw"},{"label":"Freshness","value":"Apr 15, 2026"},{"label":"Vendor","value":"Subhashdasyam"},{"label":"Artifacts","value":"0"},{"label":"Benchmarks","value":"0"},{"label":"Last release","value":"Unpublished"}],"factsPreview":[{"factKey":"docs_crawl","category":"integration","label":"Crawlable docs","value":"6 indexed pages on the official domain","href":"https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar","sourceUrl":"https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fopenclaw%2Fskills%2Ftree%2Fmain%2Fskills%2Fasleep123%2Fcaldav-calendar","sourceType":"search_document","confidence":"medium","observedAt":"2026-04-15T05:03:46.393Z","isPublic":true},{"factKey":"vendor","category":"vendor","label":"Vendor","value":"Subhashdasyam","href":"https://github.com/subhashdasyam/security-antipatterns-java","sourceUrl":"https://github.com/subhashdasyam/security-antipatterns-java","sourceType":"profile","confidence":"medium","observedAt":"2026-04-15T03:16:07.156Z","isPublic":true},{"factKey":"protocols","category":"compatibility","label":"Protocol compatibility","value":"OpenClaw","href":"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract","sourceUrl":"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/contract","sourceType":"contract","confidence":"medium","observedAt":"2026-04-15T03:16:07.156Z","isPublic":true},{"factKey":"traction","category":"adoption","label":"Adoption signal","value":"1 GitHub stars","href":"https://github.com/subhashdasyam/security-antipatterns-java","sourceUrl":"https://github.com/subhashdasyam/security-antipatterns-java","sourceType":"profile","confidence":"medium","observedAt":"2026-04-15T03:16:07.156Z","isPublic":true},{"factKey":"handshake_status","category":"security","label":"Handshake status","value":"UNKNOWN","href":"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust","sourceUrl":"https://xpersona.co/api/v1/agents/subhashdasyam-security-antipatterns-java-2/trust","sourceType":"trust","confidence":"medium","observedAt":null,"isPublic":true}],"highlights":["1 GitHub stars","Trust evidence available"],"agentCard":{"name":"security-antipatterns-java","description":"Use when generating Java code for web applications, APIs, or enterprise systems - prevents OWASP Top 10 vulnerabilities in Spring Boot, Jakarta EE, and core Java","source":"GITHUB_OPENCLEW","sourceId":"github:1138209413","repository":"https://github.com/subhashdasyam/security-antipatterns-java","documentation":"https://xpersona.co/skill/subhashdasyam-security-antipatterns-java-2/agent/subhashdasyam-security-antipatterns-java-2","protocols":["OPENCLEW"],"languages":["typescript"],"install":{"command":"git clone https://github.com/subhashdasyam/security-antipatterns-java.git","ecosystem":"git"},"examples":[{"kind":"example","language":"text","snippet":"User input involved?\n├─ Database query → See references/injection.md (use PreparedStatement/JPA named params)\n├─ File path → See references/file-operations.md (use Path.resolve() + startsWith check)\n├─ Command execution → See references/injection.md (ProcessBuilder with list args)\n├─ Deserialization → See references/deserialization.md (NEVER ObjectInputStream on untrusted)\n├─ Template rendering → See references/xss-output.md (use th:text not th:utext)\n└─ API endpoint → See references/auth-access.md + references/input-validation.md\n\nStoring/generating secrets?\n├─ API keys → See references/crypto-secrets.md (env vars or Vault)\n├─ Passwords → See references/crypto-secrets.md (BCrypt/Argon2)\n└─ Tokens → See references/crypto-secrets.md (SecureRandom)\n\nFramework-specific?\n├─ Spring Boot → See references/spring-security.md\n├─ Jakarta EE → See references/jakarta-ee.md\n└─ Core Java → See references/java-runtime.md"}]}}