Does it provide remediation advice?

Every finding includes a root cause explanation, the specific business impact, and actionable remediation steps to fix the underlying vulnerability.

Can it detect hardcoded secrets?

Yes, it includes pattern analysis for identifying API keys, tokens, JWTs, and cloud credentials with high entropy indicators.

Does this skill support the latest OWASP standards?

Yes, it is specifically designed around the OWASP 2025 Top 10 risk categories, including new focuses like Supply Chain Security and Exceptional Conditions.

How does it prioritize security findings?

It uses a decision tree that combines CVSS base severity, EPSS exploit likelihood, and asset-specific business context to categorize risks from Low to Critical.

Vulnerability Scanner & Security Auditor

Name: Vulnerability Scanner & Security Auditor
Author: claudiodearaujo

byclaudiodearaujo

0•

보안 및 테스팅

Conducts advanced security audits and vulnerability scans based on 2025 threat landscapes and OWASP standards.

This skill empowers Claude to act as an expert security researcher, identifying vulnerabilities across the modern software development lifecycle. It implements the latest OWASP Top 10 (2025) principles, focusing heavily on emerging risks like supply chain security (A03) and exceptional condition handling (A10). By mapping attack surfaces, identifying trust boundaries, and utilizing risk prioritization frameworks like CVSS and EPSS, the skill provides actionable remediation guidance. It is particularly useful for auditing code patterns, scanning dependencies for integrity, and ensuring applications adhere to Zero Trust and Defense in Depth principles.

주요 기능

01Multi-layer attack surface mapping and threat modeling

02Pattern-based detection for secrets and high-risk code execution

03Comprehensive OWASP 2025 compliance auditing

040 GitHub stars

05Supply chain security and dependency integrity verification

06Risk prioritization using CVSS and EPSS scores

사용 사례

01Auditing third-party dependencies for supply chain risks and integrity

02Conducting pre-release security reviews for web applications and APIs

03Prioritizing security technical debt based on business impact and exploitability

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front vulnerability-scanner

For use in Claude.ai and ChatGPT

Download Skill

주요 기능

01Multi-layer attack surface mapping and threat modeling

02Pattern-based detection for secrets and high-risk code execution

03Comprehensive OWASP 2025 compliance auditing

040 GitHub stars

05Supply chain security and dependency integrity verification

06Risk prioritization using CVSS and EPSS scores

사용 사례

01Auditing third-party dependencies for supply chain risks and integrity

02Conducting pre-release security reviews for web applications and APIs

03Prioritizing security technical debt based on business impact and exploitability

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add claudiodearaujo/sistema-de-narra-o-de-livro-front vulnerability-scanner

For use in Claude.ai and ChatGPT

Download Skill