Django Access Review

🏢 Official
by getsentry · vlatest · Repository

Automates Django project access reviews, identifying unused permissions & flagging potential security risks within Sentry's workflow.

Install on your platform

1. Run in terminal (recommended)

claude mcp add django-access-review npx -- -y @trustedskills/django-access-review

2. Or manually add to ~/.claude/settings.json

{
  "mcpServers": {
    "django-access-review": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/django-access-review"
      ]
    }
  }
}

Requires Claude Code (claude CLI). Run claude --version to verify your install.

About This Skill

What it does

This skill enables AI agents to inspect Django project files for permission-related issues. It analyzes codebases to identify missing access controls, overly permissive settings, and potential security vulnerabilities within the application's authorization logic.

When to use it

  • Auditing legacy Django applications before deploying them to production environments.
  • Scanning new features to ensure role-based access control (RBAC) rules are correctly implemented.
  • Verifying that sensitive endpoints have appropriate authentication decorators applied.
  • Identifying hardcoded credentials or insecure default configurations in permission settings.

Key capabilities

  • Parses Django project structures to locate relevant configuration files and views.
  • Detects common permission anti-patterns such as allow_any = True without justification.
  • Highlights missing @login_required or custom permission decorators on sensitive URLs.
  • Reports findings with file paths and line numbers for easy remediation.

Example prompts

  • "Run a security scan on my Django project to find any views that lack authentication checks."
  • "Identify all places in the codebase where user permissions are granted without verifying roles."
  • "Review the settings.py and urls.py files for potential access control weaknesses."

Tips & gotchas

Ensure your Django project is fully initialized with standard directory structures before running the review, as the skill relies on conventional file locations. This tool focuses on static code analysis; it cannot detect runtime permission bypasses caused by complex business logic errors.

TrustedSkills Verification

Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.

Security Audits

  • Gen Agent Trust Hub: Pass
  • Socket: Pass
  • Snyk: Pass

Details

  • Version: vlatest
  • License:
  • Author: getsentry
  • Installs: 76

🏢 Official

Published by the company or team that built the technology.