Can I compare two different security vulnerabilities?

Yes, you can request comparisons like 'CSRF vs SSRF' to see a side-by-side table explaining the differences in attack type, target, and impact.

How does this differ from the /appsec:explain command?

The glossary provides quick, concise definitions for fast reference, while /appsec:explain offers in-depth educational content and detailed implementation guides.

Which security frameworks are supported by the glossary?

It maps terms to major frameworks including OWASP Top 10, STRIDE, PASTA, LINDDUN, MITRE ATT&CK, SANS/CWE Top 25, and DREAD.

Does this skill require subagents to run?

No, this skill runs entirely within the main agent context to ensure the fastest possible response times for term lookups.

AppSec Glossary

Name: AppSec Glossary
Author: florianbuetow

byflorianbuetow

•

Security & Testing

Provides instant definitions and framework mappings for application security terms and vulnerability classes.

The AppSec Glossary skill for Claude Code acts as a high-speed dictionary for cybersecurity professionals and developers. It provides concise, plain-language definitions for security acronyms and concepts like IDOR, CSRF, and SSRF, while automatically mapping them to major industry frameworks including OWASP Top 10, CWE, and STRIDE. Designed for quick reference rather than deep-dive tutorials, it enables users to compare similar vulnerabilities and access a categorized directory of security terminology directly within their development workflow.

Key Features

016 GitHub stars

02Categorized full glossary for browsing common security concepts

03Side-by-side comparison of similar vulnerability classes

04Concrete attack examples for every defined term

05Automatic mapping to industry frameworks like OWASP, STRIDE, and CWE

06Quick-lookup for security acronyms and technical definitions

Use Cases

01Cross-referencing a vulnerability with its corresponding CWE or OWASP category

02Quickly understanding a security finding in a bug report or scan

03Clarifying the difference between similar security concepts during code reviews

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add florianbuetow/claude-code glossary

For use in Claude.ai and ChatGPT

Download Skill