Is authentication required for scanning?

For protected resources, you should provide the necessary credentials to ensure the scanner can access and thoroughly test authenticated routes.

Does this skill support OWASP Top 10 testing?

Yes, it specifically targets OWASP Top 10 vulnerabilities including injection flaws, broken access control, and security misconfigurations.

Can I use this for API security assessments?

Absolutely. The scanner is designed to test both web applications and API endpoints for common vulnerabilities like unauthorized access or injection.

Can this be integrated into a CI/CD pipeline?

Yes, this skill can be triggered via Claude Code commands within automated workflows to ensure security checks are performed after every code change.

How does the skill report vulnerabilities?

It generates a comprehensive report that highlights the type of vulnerability, its severity level, and provides actionable remediation steps for developers.

Security Test Scanner

Name: Security Test Scanner
Author: jeremylongshore

byjeremylongshore

•

883

•

安全与测试

Automates comprehensive security vulnerability testing and penetration assessments for web applications and APIs.

The Security Test Scanner skill empowers Claude to perform automated security audits, focusing on the OWASP Top 10 vulnerabilities including SQL injection, Cross-Site Scripting (XSS), and CSRF. By leveraging specialized scanning tools and bash commands, it identifies authentication flaws and authorization weaknesses within your codebase and live endpoints, providing detailed remediation reports to harden your application's security posture. This skill is essential for developers and security engineers looking to integrate automated vulnerability detection into their development workflow or CI/CD pipelines.

主要功能

01Detailed security reporting with severity ratings

02SQL Injection and Cross-Site Scripting (XSS) detection

03Remediation guidance for identified weaknesses

04883 GitHub stars

05Comprehensive authentication and authorization testing

06Automated OWASP Top 10 vulnerability scanning

使用场景

01Conducting pre-deployment security audits for REST APIs

02Testing web forms for SQL injection and CSRF vulnerabilities

03Identifying improper authorization logic in application endpoints

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-test-scanner

For use in Claude.ai and ChatGPT

Download Skill