What headers does the analyzer check?

It checks for critical security headers including Content-Security-Policy (CSP), HTTP Strict Transport Security (HSTS), X-Frame-Options, X-Content-Type-Options, and Referrer-Policy.

Does this skill provide specific recommendations?

Yes, it generates a detailed report outlining exactly which headers are missing or misconfigured along with specific steps to fix them.

When should I use the Security Headers Analyzer?

Use it whenever you deploy a new site, perform a security audit, or want to ensure your web server is protected against common injection and downgrade attacks.

How does this skill detect security vulnerabilities?

The skill fetches the live HTTP headers of a specified URL and compares them against industry-standard security best practices, such as those defined by OWASP.

Security Headers Analyzer

Name: Security Headers Analyzer
Author: intent-solutions-io

byintent-solutions-io

セキュリティとテスト

Analyzes HTTP security headers to identify vulnerabilities and provide actionable recommendations for website hardening.

概要

The Security Headers Analyzer skill empowers Claude to perform deep audits of website HTTP headers, identifying missing or misconfigured security controls such as HSTS, CSP, and X-Frame-Options. It evaluates the security posture of any given domain, providing a comprehensive report that includes a numerical score and a letter grade. This tool is essential for developers and security engineers looking to mitigate risks like cross-site scripting (XSS) and downgrade attacks by ensuring their web infrastructure follows modern security best practices.

主な機能

Automated fetching and analysis of HTTP response headers
Support for quick domain-based security audits
Detailed security grading and performance scoring
Actionable remediation steps for identified vulnerabilities
0 GitHub stars
Identification of missing headers like CSP, HSTS, and X-Content-Type-Options

ユースケース

Auditing web infrastructure for compliance with modern security standards
Troubleshooting and refining Content Security Policy (CSP) configurations
Performing a security health check on a production website or domain

概要

主な機能

Automated fetching and analysis of HTTP response headers
Support for quick domain-based security audits
Detailed security grading and performance scoring
Actionable remediation steps for identified vulnerabilities
0 GitHub stars
Identification of missing headers like CSP, HSTS, and X-Content-Type-Options

ユースケース

Auditing web infrastructure for compliance with modern security standards
Troubleshooting and refining Content Security Policy (CSP) configurations
Performing a security health check on a production website or domain