Which types of injection attacks can it detect?

The skill can identify SQL, NoSQL, Command, LDAP, and XPath injection risks, providing parameterized query solutions for each.

Can it help me fix vulnerabilities, or just find them?

It provides both: a detailed analysis of the risk and specific 'Secure Code' examples to help you refactor vulnerable patterns into safe implementations.

Does this skill follow industry security standards?

Yes, the skill is primarily based on the OWASP Top 10 2021 framework and uses CVSS 3.1 scoring to help prioritize vulnerability remediation.

Can I use this for automated reporting?

Yes, the skill includes a standardized security report template that covers risk overview, vulnerability locations, impact analysis, and repair priority.

Security Code Review

Name: Security Code Review
Author: Protagonistss

byProtagonistss

0•

보안 및 테스팅

Identifies security vulnerabilities, assesses risks using OWASP standards, and provides actionable remediation guidance for production-grade code.

The Security Code Review skill transforms Claude into a specialized security auditor capable of identifying deep-seated vulnerabilities across various tech stacks. By leveraging the OWASP Top 10 2021 framework and CVSS 3.1 scoring, it provides comprehensive analysis of injection attacks, cross-site scripting (XSS), broken access control, and sensitive data exposure. It is an essential tool for developers looking to harden their applications, offering side-by-side comparisons of vulnerable versus secure code, automated security report generation, and best practices for implementing robust authentication and encryption mechanisms.

주요 기능

01Comprehensive injection attack analysis for SQL, NoSQL, LDAP, and OS commands

02Secure coding templates for authentication, session management, and data encryption

03CVSS 3.1 risk scoring and prioritization matrix for efficient remediation

04OWASP Top 10 2021 compliance auditing and vulnerability detection

05Automated security report generation with mitigation roadmaps and CI/CD patterns

060 GitHub stars

사용 사례

01Hardening web applications against common exploits like XSS and SQL injection

02Identifying and refactoring legacy code containing hardcoded secrets or weak encryption

03Conducting automated security audits during the pull request and code review process

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add protagonistss/claude-plugins security-review

For use in Claude.ai and ChatGPT

Download Skill