Which types of injection attacks can it detect?

The skill can identify SQL, NoSQL, Command, LDAP, and XPath injection risks, providing parameterized query solutions for each.

Can it help me fix vulnerabilities, or just find them?

It provides both: a detailed analysis of the risk and specific 'Secure Code' examples to help you refactor vulnerable patterns into safe implementations.

Does this skill follow industry security standards?

Yes, the skill is primarily based on the OWASP Top 10 2021 framework and uses CVSS 3.1 scoring to help prioritize vulnerability remediation.

Can I use this for automated reporting?

Yes, the skill includes a standardized security report template that covers risk overview, vulnerability locations, impact analysis, and repair priority.

Security Code Review

Name: Security Code Review
Author: Protagonistss

byProtagonistss

보안 및 테스팅

Identifies security vulnerabilities, assesses risks using OWASP standards, and provides actionable remediation guidance for production-grade code.

소개

The Security Code Review skill transforms Claude into a specialized security auditor capable of identifying deep-seated vulnerabilities across various tech stacks. By leveraging the OWASP Top 10 2021 framework and CVSS 3.1 scoring, it provides comprehensive analysis of injection attacks, cross-site scripting (XSS), broken access control, and sensitive data exposure. It is an essential tool for developers looking to harden their applications, offering side-by-side comparisons of vulnerable versus secure code, automated security report generation, and best practices for implementing robust authentication and encryption mechanisms.

주요 기능

Comprehensive injection attack analysis for SQL, NoSQL, LDAP, and OS commands
Secure coding templates for authentication, session management, and data encryption
CVSS 3.1 risk scoring and prioritization matrix for efficient remediation
OWASP Top 10 2021 compliance auditing and vulnerability detection
Automated security report generation with mitigation roadmaps and CI/CD patterns
0 GitHub stars

사용 사례

Hardening web applications against common exploits like XSS and SQL injection
Identifying and refactoring legacy code containing hardcoded secrets or weak encryption
Conducting automated security audits during the pull request and code review process

소개

주요 기능

Comprehensive injection attack analysis for SQL, NoSQL, LDAP, and OS commands
Secure coding templates for authentication, session management, and data encryption
CVSS 3.1 risk scoring and prioritization matrix for efficient remediation
OWASP Top 10 2021 compliance auditing and vulnerability detection
Automated security report generation with mitigation roadmaps and CI/CD patterns
0 GitHub stars

사용 사례

Hardening web applications against common exploits like XSS and SQL injection
Identifying and refactoring legacy code containing hardcoded secrets or weak encryption
Conducting automated security audits during the pull request and code review process