Search Results: owasp

Found 211 Skills

Security & Compliancenavanithans/agent-skill-k...

ask-owasp-security-review

Static security analysis for code, auditing for OWASP Top 10 risks. Triggers: "security audit", "is this secure", "check for vulnerabilities". Capabilities: - Static analysis of code snippets. - Mapping findings to OWASP Top 10 (2021). - Providing remediation code patterns.

🇺🇸|EnglishTranslated

1 scripts/Checked

Security & Compliancejeremylongshore/claude-co...

checking-owasp-compliance

Check compliance with OWASP Top 10 security risks and best practices. Use when performing comprehensive security audits. Trigger with 'check OWASP compliance', 'audit web security', or 'validate OWASP'.

🇺🇸|EnglishTranslated

3 scripts/Checked

Security & Complianceyariv1025/skills

owasp-iot-top-10

OWASP IoT Top 10 - prevention, detection, and remediation for IoT device and ecosystem security. Use when designing or reviewing IoT devices - passwords, network services, ecosystem interfaces, secure updates, components, data transfer/storage, device management, default settings, physical hardening, privacy.

🇺🇸|EnglishTranslated

Security & Complianceyariv1025/skills

owasp-serverless-top-10

OWASP Serverless Top 10 - prevention, detection, and remediation for serverless (Lambda, Functions) security. Use when building or reviewing serverless apps - event injection, over-permissioned functions, insecure deps, secrets, config, and other serverless-specific interpretations of the Web Top 10.

🇺🇸|EnglishTranslated

Security & Complianceyariv1025/skills

owasp-api-security-top-10

OWASP API Security Top 10 - prevention, detection, and remediation for REST/GraphQL/API security. Use when designing or reviewing APIs - object- and function-level authorization, authentication, rate limiting and resource consumption, sensitive business flows, SSRF, API inventory and versioning, or consumption of third-party APIs.

🇺🇸|EnglishTranslated

Security & Complianceclaude-dev-suite/claude-d...

owasp-top-10

OWASP Top 10:2025 security vulnerabilities. Covers access control, injection, supply chain, cryptographic failures, and more. Use for security reviews. USE WHEN: user mentions "OWASP 2025", "Top 10", "security review", "vulnerability assessment", asks about "broken access control", "injection", "supply chain", "cryptographic failures", "exception handling" DO NOT USE FOR: general OWASP (2021) - use `owasp` instead, secrets - use `secrets-management`, dependencies - use `supply-chain`

🇺🇸|EnglishTranslated

Security & Compliancesupercent-io/skills-templ...

security-best-practices

Implement security best practices for web applications and infrastructure. Use when securing APIs, preventing common vulnerabilities, or implementing security policies. Handles HTTPS, CORS, XSS, SQL Injection, CSRF, rate limiting, and OWASP Top 10.

🇺🇸|EnglishTranslated

14.1k

Security & Compliancegetsentry/skills

security-review

Security code review for vulnerabilities. Use when asked to "security review", "find vulnerabilities", "check for security issues", "audit security", "OWASP review", or review code for injection, XSS, authentication, authorization, cryptography issues. Provides systematic review with confidence-based reporting.

🇺🇸|EnglishTranslated

Security & Compliancejeffallan/claude-skills

secure-code-guardian

Use when implementing authentication/authorization, securing user input, or preventing OWASP Top 10 vulnerabilities. Invoke for authentication, authorization, input validation, encryption, OWASP Top 10 prevention.

🇺🇸|EnglishTranslated

Security & Complianceovachiever/droid-tings

security-auditor

Continuous security vulnerability scanning for OWASP Top 10, common vulnerabilities, and insecure patterns. Use when reviewing code, before deployments, or on file changes. Scans for SQL injection, XSS, secrets exposure, auth issues. Triggers on file changes, security mentions, deployment prep.

🇺🇸|EnglishTranslated

Security & Complianceharperaa/secure-claude-sk...

security-prompts

Library of battle-tested security prompt templates for secure feature implementation. Use when implementing forms, endpoints, authentication, authorization, file uploads, or conducting security reviews. Triggers include "security prompt", "secure form", "RBAC", "threat model", "STRIDE", "admin endpoint", "file upload", "security testing", "code review", "OWASP".

🇺🇸|EnglishTranslated

Backend Developmentsiviter-xyz/dot-agent

backend-engineer

Build robust backend systems with modern technologies (Node.js, Python, Go, Rust), frameworks (NestJS, FastAPI, Django), databases (PostgreSQL, MongoDB, Redis), APIs (REST, GraphQL, gRPC), authentication (OAuth 2.1, JWT), testing strategies, security best practices (OWASP Top 10), performance optimization, scalability patterns (microservices, caching, sharding), DevOps practices (Docker, Kubernetes, CI/CD), and monitoring. Use when designing APIs, implementing authentication, optimizing database queries, setting up CI/CD pipelines, handling security vulnerabilities, building microservices, or developing production-ready backend systems.

🇺🇸|EnglishTranslated