What specific headers does this skill check?

It analyzes critical headers such as Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), X-Frame-Options, and X-Content-Type-Options.

Does this skill perform a full penetration test?

No, it focuses specifically on HTTP security headers. While vital for defense, it should be used alongside other tools for a comprehensive penetration test.

How do I activate this skill in Claude?

Simply ask Claude to 'analyze security headers' or 'check HTTP security' for a specific domain name or URL to trigger the analysis.

How does the Security Headers Analyzer work?

It fetches the HTTP response headers of a target URL and compares them against security best practices to identify gaps or misconfigurations.

Security Headers Analyzer

Name: Security Headers Analyzer
Author: jeremylongshore

byjeremylongshore

•

884

セキュリティとテスト

Analyzes a website's HTTP security headers to identify misconfigurations and provide actionable improvement recommendations.

概要

The Security Headers Analyzer skill empowers Claude to perform automated security audits on any URL or domain by inspecting HTTP response headers. It identifies missing protections like HSTS, CSP, and X-Frame-Options, assigning a security grade and score based on industry best practices. This skill is essential for developers and security engineers looking to harden their web applications against common vulnerabilities like XSS, clickjacking, and protocol downgrade attacks through detailed reporting and remediation steps.

主な機能

Actionable recommendations for misconfigured headers
Vulnerability detection for common web-based threats
Automated HTTP header inspection and analysis
Comprehensive security grading and scoring system
Supports integration with broader security assessment workflows
884 GitHub stars

ユースケース

Performing a quick security audit on a production domain
Verifying the implementation of HSTS and Content Security Policy (CSP)
Ensuring compliance with web security best practices during the development lifecycle

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-headers-analyzer

For use in Claude.ai and ChatGPT

Download Skill

GitHub

概要