What types of vulnerabilities can it detect?

The skill focuses on the OWASP Top 10, including SQL injection, Cross-Site Scripting (XSS), CSRF, broken authentication, and sensitive data exposure.

Is the exploitation feature safe to use?

The skill is designed to use safe exploitation techniques to demonstrate proof-of-concept vulnerabilities without causing data loss or system downtime.

Does it provide a final security report?

Yes, the skill generates a comprehensive report that outlines discovered flaws, assigns risk ratings, and suggests specific code changes for remediation.

Can I use this for API security testing?

Absolutely. You can target specific API endpoints to identify flaws such as authentication bypass, improper authorization, and insecure data handling.

Does this skill require authorization to run?

Yes. You must always ensure you have explicit, written authorization before performing penetration testing or vulnerability assessments on any target system.

Security Penetration Tester

Name: Security Penetration Tester
Author: jeremylongshore

byjeremylongshore

•

883

•

Security & Testing

Automates web application penetration testing and vulnerability assessments to identify OWASP Top 10 threats and provide remediation guidance.

This skill empowers developers and security professionals to conduct automated security audits of web applications and APIs directly within the Claude Code environment. By leveraging a specialized penetration testing plugin, it systematically identifies critical vulnerabilities—including SQL injection, XSS, and CSRF—simulates safe exploitation techniques, and generates comprehensive reports with actionable remediation steps to harden your application's security posture.

Key Features

01Automated OWASP Top 10 vulnerability scanning

02Detailed remediation and patching recommendations

03Targeted API endpoint security assessments

04883 GitHub stars

05Comprehensive security reporting with risk ratings

06Safe exploitation technique simulations

Use Cases

01Generating detailed security audit reports for compliance and stakeholder review.

02Conducting a formal vulnerability assessment on production-ready API endpoints.

03Identifying and remediating SQL injection and XSS vulnerabilities in a web application.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills penetration-tester

For use in Claude.ai and ChatGPT

Download Skill