Does it support the latest OWASP standards?

Yes, it includes a comprehensive checklist and mapping logic for the OWASP Top 10 (2021) categories, including Broken Access Control and Cryptographic Failures.

How does this skill determine the overall security posture?

The skill uses a standardized formula: any Critical or High vulnerabilities result in an 'AT RISK' status, while Medium or Low findings lead to a 'CONDITIONAL' status. If no vulnerabilities are found, the posture is marked as 'SECURE'.

Can I use this for executive reporting?

Absolutely. The skill generates a dedicated Executive Summary section that translates technical vulnerabilities into business impact and provides a high-level recommended action timeline.

What technical details are included for each vulnerability?

Each finding includes the CVSS score, CWE mapping, technical description, exact file location, proof of concept, and specific remediation steps.

Security Reporter

Name: Security Reporter
Author: jpoley

byjpoley

•

Security & Testing

Generates comprehensive security audit reports and OWASP Top 10 compliance assessments from vulnerability scan results.

The Security Reporter skill transforms Claude into an expert security analyst capable of synthesizing raw technical scan data into professional, actionable audit reports. It automates the process of calculating security posture, mapping findings to the OWASP Top 10 and CWE frameworks, and evaluating business risk. This skill is essential for teams needing to bridge the gap between technical vulnerability detection and executive-level reporting, providing clear remediation roadmaps and standardized documentation for compliance and risk management.

Key Features

01Detailed technical reporting with CVSS scoring and CWE categorization

02OWASP Top 10 (2021) compliance checklist and evidence mapping

03Risk-based remediation roadmaps with prioritized action items

04Executive summary generation for non-technical stakeholder communication

05Automated security posture calculation based on vulnerability severity

065 GitHub stars

Use Cases

01Performing a gap analysis against the OWASP Top 10 for a specific codebase

02Converting raw JSON security tool outputs into structured Markdown audit reports

03Prioritizing a security backlog by calculating exploitability and business impact

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jpoley/flowspec security-reporter

For use in Claude.ai and ChatGPT

Download Skill