Does this skill require authorization before use?

Yes, you must have explicit, written authorization from the system owner before performing any penetration testing or vulnerability assessment activities.

Does the skill provide a report after scanning?

Yes, it generates a comprehensive report detailing identified flaws, their severity ratings, and specific steps recommended for remediation.

Can I use this for API security testing?

Yes, it is designed to perform vulnerability assessments on both standard web applications and specific API endpoints.

What types of vulnerabilities can it identify?

The skill focuses on the OWASP Top 10, including SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and broken authentication.

Is it safe to run on live production sites?

While the skill uses techniques to minimize impact, it is a best practice to perform penetration testing in a staging or development environment to avoid any risk of service disruption.

Penetration Testing & Security Audit

Name: Penetration Testing & Security Audit
Author: intent-solutions-io

byintent-solutions-io

0•

보안 및 테스팅

Automates web application security assessments to identify OWASP Top 10 vulnerabilities and suggest remediation steps.

This skill empowers developers and security professionals to conduct comprehensive automated penetration tests on web applications and APIs directly within the Claude Code environment. By leveraging advanced scanning techniques, it identifies critical security flaws such as SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF). Beyond discovery, the skill provides actionable exploitation techniques for validation and generates detailed security reports with risk ratings and clear remediation guidance, making it an essential tool for maintaining a robust security posture throughout the development lifecycle.

주요 기능

01Guidance on safe exploitation techniques for vulnerability validation

02Automated vulnerability scanning for OWASP Top 10 risks

03Detailed reporting with risk ratings and remediation recommendations

04Identification of critical flaws like SQLi, XSS, and CSRF

050 GitHub stars

06Comprehensive security assessment for web applications and API endpoints

사용 사례

01Conducting a full-scale security audit of a production or staging domain

02Testing specific API endpoints for authentication and authorization bypasses

03Generating compliance-ready vulnerability reports for stakeholders

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add intent-solutions-io/plugins-nixtla penetration-tester

For use in Claude.ai and ChatGPT

Download Skill