Does this skill provide code fixes?

This skill focuses on defining requirements and identifying vulnerabilities. For specific remediation guidance and code fixes, it is recommended to pair this with a remediation library skill.

What is the OWASP ASVS?

The OWASP Application Security Verification Standard (ASVS) is a framework of security requirements and controls that provides a basis for testing web application technical security controls.

Are all 17 domains of ASVS 5.0 included?

Yes, it covers all 17 domains including Authentication, Session Management, Access Control, Cryptography, and newer standards like OAuth and WebRTC.

Which ASVS level should I use for my project?

Level 1 is the minimum baseline for all applications. Level 2 is recommended for applications that handle sensitive data, while Level 3 is reserved for high-value or critical infrastructure applications.

OWASP ASVS 5.0 Security Requirements

Name: OWASP ASVS 5.0 Security Requirements
Author: Zate

byZate

0•

Security & Testing

Accesses and maps OWASP ASVS 5.0 requirements to streamline security audits and ensure application compliance across 17 domains.

The ASVS Requirements skill provides structured access to the complete OWASP Application Security Verification Standard (ASVS) 5.0 database. It allows developers and security professionals to instantly reference specific control objectives, verification requirements, and detection patterns across 17 critical domains including authentication, cryptography, and API security. By categorizing requirements into L1, L2, and L3 verification levels, this skill helps teams accurately scope security audits, build automated auditor agents, and map findings directly to industry-standard compliance IDs.

Key Features

01Structured database of all 369 ASVS 5.0 requirements

020 GitHub stars

03Coverage of 17 security domains including OAuth, JWT, and WebRTC

04Support for verification levels L1 (Opportunistic) through L3 (Advanced)

05Mapping of audit findings to official compliance IDs for reporting

06Pre-defined detection patterns for common security vulnerabilities

Use Cases

01Planning and scoping the depth of security audits for new projects

02Standardizing security audit reports by mapping findings to ASVS IDs

03Referencing specific verification requirements during manual code reviews

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zate/cc-plugins asvs-requirements

For use in Claude.ai and ChatGPT

Download Skill