Security audit guidelines for web applications and REST APIs based on OWASP Top 10 and web security best practices. Use when checking code for vulnerabilities,…
Security audit framework for web applications and REST APIs covering OWASP Top 10 vulnerabilities. 20 rules organized across 5 categories: Authentication & Authorization, Data Protection, Input/Output Security, Configuration & Headers, and API & Monitoring. Covers critical vulnerabilities including injection attacks, broken access control, cryptographic failures, CSRF, SSRF, and insecure deserialization, with code examples for both vulnerable and secure patterns. Includes a systematic audit workflow prioritized by severity (CRITICAL, HIGH, MEDIUM, LOW) with a structured reporting format for findings and remediation. Provides quick-reference patterns for common vulnerabilities such as SQL injection, XSS, hardcoded secrets, weak crypto, and insecure cookies.

OWASP Security Check

Comprehensive security audit patterns for web applications and REST APIs. Contains 20 rules across 5 categories covering OWASP Top 10 and common web vulnerabilities.

When to Apply

Use this skill when:
- Auditing a codebase for security vulnerabilities
- Reviewing a user-provided file or folder for security issues
- Checking authentication/authorization implementations
- Evaluating REST API security
- Assessing data protection measures
- Reviewing configuration and deployment settings
- Before production deployment
- After adding new features that handle sensitive data

How to Use This Skill