What security standards does this skill follow?

This skill is primarily based on the OWASP Top 10 (2021+) standards, covering common vulnerabilities like Broken Access Control, Injection, and SSRF.

How does it assist with API development?

The skill provides a specialized API security checklist focusing on per-endpoint authorization, input sanitization, and rate limiting.

Is this a substitute for a professional security audit?

While it catches common issues and follows professional methodologies, it is designed to assist developers; deep security testing should still be performed by specialists.

Can it help me find secrets leaked in my code?

Yes, it includes specific audit patterns to identify hardcoded passwords, API keys, and other sensitive credentials within your repository.

Does this skill cover web browser security?

Yes, it includes a dedicated section for security headers such as Content-Security-Policy (CSP) and HSTS to prevent XSS and clickjacking.

Security Audit Checklist

Name: Security Audit Checklist
Author: xenitV1

byxenitV1

•

Security & Testing

Performs comprehensive security audits using OWASP Top 10 standards and secure coding best practices to identify vulnerabilities.

The Security Audit Checklist skill provides a systematic framework for developers to evaluate their applications against critical security risks. It guides Claude through a structured review process covering the OWASP Top 10 (2021+), robust authentication protocols, API security, and data protection strategies. By implementing this skill, developers can ensure their codebases adhere to modern security standards, including proper encryption, secure headers, and input validation, making it an essential tool for pre-deployment reviews and building a secure development lifecycle.

Key Features

01API-specific security validation and rate limiting checks

02Data protection and encryption-at-rest verification

03OWASP Top 10 (2021+) vulnerability assessment

04Detailed authentication and session management auditing

05Security header configuration and audit command references

0678 GitHub stars

Use Cases

01Auditing new API endpoints for authorization and injection flaws.

02Ensuring sensitive user data is handled with industry-standard encryption.

03Performing a security sweep before a production release.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add xenitv1/claude-code-maestro security-checklist

For use in Claude.ai and ChatGPT

Download Skill