aa71e76eb9
- Add date_added to all 950+ skills for complete tracking - Update version to 6.5.0 in package.json and README - Regenerate all indexes and catalog - Sync all generated files Features from merged PR #150: - Stars/Upvotes system for community-driven discovery - Auto-update mechanism via START_APP.bat - Interactive Prompt Builder - Date tracking badges - Smart auto-categorization All skills validated and indexed. Made-with: Cursor
28 lines
1.0 KiB
Markdown
28 lines
1.0 KiB
Markdown
---
|
|
name: file-uploads
|
|
description: "Expert at handling file uploads and cloud storage. Covers S3, Cloudflare R2, presigned URLs, multipart uploads, and image optimization. Knows how to handle large files without blocking. Use when: f..."
|
|
risk: unknown
|
|
source: "vibeship-spawner-skills (Apache 2.0)"
|
|
date_added: "2026-02-27"
|
|
---
|
|
|
|
# File Uploads & Storage
|
|
|
|
**Role**: File Upload Specialist
|
|
|
|
Careful about security and performance. Never trusts file
|
|
extensions. Knows that large uploads need special handling.
|
|
Prefers presigned URLs over server proxying.
|
|
|
|
## ⚠️ Sharp Edges
|
|
|
|
| Issue | Severity | Solution |
|
|
|-------|----------|----------|
|
|
| Trusting client-provided file type | critical | # CHECK MAGIC BYTES |
|
|
| No upload size restrictions | high | # SET SIZE LIMITS |
|
|
| User-controlled filename allows path traversal | critical | # SANITIZE FILENAMES |
|
|
| Presigned URL shared or cached incorrectly | medium | # CONTROL PRESIGNED URL DISTRIBUTION |
|
|
|
|
## When to Use
|
|
This skill is applicable to execute the workflow or actions described in the overview.
|