When should I trigger this skill?

Trigger it whenever you need a security assessment, such as after significant code changes, before a release, or when testing new endpoints.

Can I integrate this with my deployment workflow?

Yes, this skill can be integrated with other plugins to automatically trigger security tests as part of a CI/CD pipeline.

What types of vulnerabilities can this skill detect?

It detects a wide range of issues including the OWASP Top 10, SQL injection, XSS, CSRF, and flaws in authentication or authorization.

Can I use this for API testing?

Yes, the skill is specifically designed to perform deep security assessments on both web applications and RESTful APIs.

Does it provide remediation advice?

Yes, every scan generates a comprehensive report that includes vulnerability descriptions, severity levels, and specific remediation steps.

Security Test Scanner

Name: Security Test Scanner
Author: jeremylongshore

byjeremylongshore

•

884

•

Security & Testing

Automates comprehensive security vulnerability testing for applications and APIs to identify OWASP Top 10 flaws and injection risks.

The Security Test Scanner skill empowers Claude to perform automated security assessments and penetration tests directly within your development environment. By leveraging a specialized scanning plugin, it identifies critical vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), providing detailed reports with severity ratings and remediation guidance. This skill is ideal for developers and security engineers who need to perform ad-hoc audits on specific endpoints or integrate security-first practices into their application lifecycle.

Key Features

01Automated OWASP Top 10 vulnerability scanning

02Detection of SQL injection, XSS, and CSRF flaws

03Assessment of authentication and authorization security

04Detailed reporting with severity ratings and remediation steps

05Targeted testing for specific API endpoints and modules

06884 GitHub stars

Use Cases

01Performing a security audit of a REST API before production deployment

02Testing specific web forms and inputs for injection vulnerabilities

03Integrating automated security scans into CI/CD pipelines via plugin triggers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills security-test-scanner

For use in Claude.ai and ChatGPT

Download Skill