Do I need permission to run this skill on a website?

Yes. You must always ensure you have explicit, documented authorization before performing any penetration testing or vulnerability scanning on a system.

What is included in the penetration testing report?

The report includes a list of identified vulnerabilities, their severity ratings, the techniques used to find them, and actionable remediation steps.

Does this skill work with APIs?

Yes, it can perform targeted vulnerability assessments on specific API endpoints to identify issues like authentication bypass or authorization flaws.

What types of vulnerabilities can this Claude Code skill identify?

The skill identifies a wide range of security threats, including the OWASP Top 10 risks such as SQL injection, Cross-Site Scripting (XSS), and CSRF.

Web Penetration Tester

Name: Web Penetration Tester
Author: BbgnsurfTech

byBbgnsurfTech

•

Security & Testing

Automates security assessments and vulnerability scans for web applications and APIs to identify OWASP Top 10 threats.

The Web Penetration Tester skill empowers Claude to perform automated security audits and vulnerability assessments using the penetration-tester plugin. It streamlines the identification of critical security flaws—including SQL injection, Cross-Site Scripting (XSS), and CSRF—while providing detailed risk ratings and remediation advice. This skill is ideal for developers and security engineers who need to proactively assess their web application's security posture and generate professional-grade penetration test reports directly within their workflow.

Key Features

01API endpoint security and authorization assessment

02Automated OWASP Top 10 vulnerability scanning

033 GitHub stars

04Detailed remediation recommendations for identified flaws

05Exploitation technique identification and verification

06Comprehensive security report generation

Use Cases

01Identifying vulnerabilities in specific REST or GraphQL API endpoints

02Generating security compliance reports for development and stakeholders

03Performing a full-scale penetration test on a web application domain

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection skill-adapter

For use in Claude.ai and ChatGPT

Key Features

01API endpoint security and authorization assessment

02Automated OWASP Top 10 vulnerability scanning

033 GitHub stars

04Detailed remediation recommendations for identified flaws

05Exploitation technique identification and verification

06Comprehensive security report generation

Use Cases

01Identifying vulnerabilities in specific REST or GraphQL API endpoints

02Generating security compliance reports for development and stakeholders

03Performing a full-scale penetration test on a web application domain

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection skill-adapter

For use in Claude.ai and ChatGPT