How does the Security Testing skill improve code safety?

It provides automated detection for common vulnerabilities like SQL injection and CSRF while guiding developers through security best practices and header configurations.

Can I integrate this skill into my DevOps workflow?

The skill is specifically designed to support CI/CD security gate integration, allowing you to automate security checks during the deployment process.

Does this skill support vulnerability scanning for dependencies?

Yes, it includes capabilities for detecting known CVEs in your project's third-party dependencies to prevent supply chain attacks.

What kind of anti-patterns can this skill detect?

It detects issues such as string concatenation in SQL queries, missing ownership verification, hardcoded credentials, and the use of dangerous functions like eval().

Security Testing

Name: Security Testing
Author: Agentient

byAgentient

보안 및 테스팅

Hardens software applications by providing comprehensive security auditing, vulnerability scanning, and penetration testing guidance.

소개

The Security Testing skill for Claude Code is a specialized framework designed to identify and mitigate security risks throughout the development lifecycle. By integrating Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and dependency vulnerability scanning, it helps developers detect common anti-patterns like SQL injection, CSRF vulnerabilities, and misconfigured security headers. This skill provides the methodology and pattern detection needed to maintain a robust security posture, whether you are conducting manual audits or automating security gates within a CI/CD pipeline.

주요 기능

Security regression testing and CI/CD gate integration
0 GitHub stars
Automated vulnerability scanning for project dependencies
Static Application Security Testing (SAST) pattern detection
Dynamic Application Security Testing (DAST) implementation guidance
Penetration testing methodology and security checklists

사용 사례

Implementing security gates in DevOps pipelines to block insecure code deployments
Conducting automated security audits to detect SQL injection or CSRF vulnerabilities
Guiding developers through manual penetration testing and security header verification

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add agentient/vibekit security-testing

For use in Claude.ai and ChatGPT

Download Skill

GitHub

소개