Is batch analysis supported?

Yes, the skill can accept a list of multiple domains to perform a high-level comparison and ranking of their security posture.

What standards does it use for grading?

It evaluates headers against the OWASP Secure Headers Project recommendations and modern browser security baselines.

Can it provide actual code to fix the issues?

Absolutely. It generates specific configuration snippets for popular web servers like Nginx and Apache, as well as Cloudflare edge configurations.

Does this skill check both HTTP and HTTPS?

Yes, it analyzes both protocols to ensure proper HSTS enforcement and identify configuration gaps between secure and insecure endpoints.

Security Headers Analyzer

Name: Security Headers Analyzer
Author: micsapp

bymicsapp

0•

보안 및 테스팅

Audits web domain HTTP response headers to identify vulnerabilities and provide OWASP-compliant remediation configurations.

This skill empowers Claude to perform deep security inspections of web application headers, evaluating compliance against OWASP and industry-standard browser security baselines. It automatically checks for critical headers like Content-Security-Policy (CSP), HTTP Strict Transport Security (HSTS), and X-Frame-Options while identifying dangerous information leaks in server signatures. Beyond just identification, the skill generates specific remediation snippets for Nginx, Apache, and Cloudflare, helping developers bridge the gap between vulnerability discovery and secure production deployment.

주요 기능

01Automated OWASP-based security grading from A+ to F

02Comprehensive reporting on redirect chains and protocol differences

03Identification of technology stack leaks via server signatures

040 GitHub stars

05Deep analysis of CSP, HSTS, and cookie security attributes

06Multi-platform remediation snippets for Nginx, Apache, and Cloudflare

사용 사례

01Pre-deployment security audits for new web applications

02Compliance checking for HSTS preloading and CSP enforcement

03Batch analysis of staging environments to ensure consistent security posture

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills analyzing-security-headers

For use in Claude.ai and ChatGPT

주요 기능

01Automated OWASP-based security grading from A+ to F

02Comprehensive reporting on redirect chains and protocol differences

03Identification of technology stack leaks via server signatures

040 GitHub stars

05Deep analysis of CSP, HSTS, and cookie security attributes

06Multi-platform remediation snippets for Nginx, Apache, and Cloudflare

사용 사례

01Pre-deployment security audits for new web applications

02Compliance checking for HSTS preloading and CSP enforcement

03Batch analysis of staging environments to ensure consistent security posture

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills analyzing-security-headers

For use in Claude.ai and ChatGPT