Which programming languages are supported?

It provides specific security quirks and patterns for over 20 languages, including JavaScript, Python, Java, C#, Go, and Rust.

How does it help prevent injection attacks?

The skill enforces the use of parameterized queries, server-side input validation, and safe API patterns over string concatenation.

Can it help secure AI agents?

Absolutely. It features a dedicated section for Agentic AI Security (OWASP 2026) covering risks like goal hijacking, tool misuse, and memory poisoning.

Can I use it for automated code reviews?

Yes, it is designed to provide structured checklists and secure patterns that Claude can apply during the code review process.

Does this skill cover the latest OWASP standards?

Yes, it includes the OWASP Top 10:2025 and the Application Security Verification Standard (ASVS) 5.0 requirements.

OWASP Security Best Practices

Name: OWASP Security Best Practices
Author: XSIJIE975

byXSIJIE975

0•

보안 및 테스팅

Reviews code for security vulnerabilities and implements industry-standard protection patterns based on OWASP and ASVS frameworks.

This skill equips Claude with comprehensive security expertise based on the latest OWASP Top 10:2025 and ASVS 5.0 standards, including emerging security patterns for Agentic AI (2026). It provides domain-specific guidance for identifying vulnerabilities like injection, broken access control, and supply chain failures across more than 20 programming languages. By integrating this skill, developers can automate security code reviews, implement robust authentication and authorization, and ensure that AI agents operate within safe, sandboxed boundaries with minimized risk of goal hijacking or tool misuse.

주요 기능

01Automated security code reviews against OWASP Top 10:2025 standards.

02Mitigation strategies for Agentic AI risks like prompt injection and tool misuse.

03Language-specific security patterns for Python, JavaScript, Rust, Go, and more.

04Comprehensive checklists for input handling, data protection, and error logging.

050 GitHub stars

06Implementation of ASVS 5.0 requirements for authentication and session management.

사용 사례

01Performing pre-commit security audits on web application backends.

02Hardening AI agent tool-calling logic against malicious prompt injection.

03Refactoring legacy code to use secure cryptographic standards and parameterized queries.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add xsijie975/agents-skills owasp-security

For use in Claude.ai and ChatGPT

Download Skill