Is authentication required for scanning?

For protected resources, you should provide the necessary credentials to ensure the scanner can access and thoroughly test authenticated routes.

Does this skill support OWASP Top 10 testing?

Yes, it specifically targets OWASP Top 10 vulnerabilities including injection flaws, broken access control, and security misconfigurations.

Can I use this for API security assessments?

Absolutely. The scanner is designed to test both web applications and API endpoints for common vulnerabilities like unauthorized access or injection.

Can this be integrated into a CI/CD pipeline?

Yes, this skill can be triggered via Claude Code commands within automated workflows to ensure security checks are performed after every code change.

How does the skill report vulnerabilities?

It generates a comprehensive report that highlights the type of vulnerability, its severity level, and provides actionable remediation steps for developers.

Security Test Scanner

Name: Security Test Scanner
Author: jeremylongshore

byjeremylongshore

•

883

보안 및 테스팅

Automates comprehensive security vulnerability testing and penetration assessments for web applications and APIs.

소개

The Security Test Scanner skill empowers Claude to perform automated security audits, focusing on the OWASP Top 10 vulnerabilities including SQL injection, Cross-Site Scripting (XSS), and CSRF. By leveraging specialized scanning tools and bash commands, it identifies authentication flaws and authorization weaknesses within your codebase and live endpoints, providing detailed remediation reports to harden your application's security posture. This skill is essential for developers and security engineers looking to integrate automated vulnerability detection into their development workflow or CI/CD pipelines.

주요 기능

Detailed security reporting with severity ratings
SQL Injection and Cross-Site Scripting (XSS) detection
Remediation guidance for identified weaknesses
883 GitHub stars
Comprehensive authentication and authorization testing
Automated OWASP Top 10 vulnerability scanning

사용 사례

Conducting pre-deployment security audits for REST APIs
Testing web forms for SQL injection and CSRF vulnerabilities
Identifying improper authorization logic in application endpoints

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-test-scanner

For use in Claude.ai and ChatGPT

Download Skill

GitHub

소개