Can I target specific API endpoints for testing?

Absolutely. You can define the scope of the security test by specifying particular endpoints, modules, or directories you want Claude to analyze.

What types of vulnerabilities can this Claude Code skill detect?

The skill is designed to detect a wide range of issues including the OWASP Top 10, SQL injection, Cross-Site Scripting (XSS), CSRF, and flaws in authentication or authorization.

Is this skill suitable for CI/CD integration?

Yes, the skill is designed to be integrated with other plugins and tools to trigger security scans automatically as part of your deployment pipeline.

Does it provide instructions on how to fix the security flaws?

Yes, the skill generates a detailed report that includes severity ratings and specific remediation steps to help you resolve identified vulnerabilities.

Security Vulnerability & Penetration Tester

Name: Security Vulnerability & Penetration Tester
Author: BbgnsurfTech

byBbgnsurfTech

•

Security & Testing

Automates comprehensive security vulnerability testing and penetration scans to identify OWASP Top 10 flaws and injection risks.

This skill provides an automated framework for performing deep security assessments on applications and APIs directly within the Claude environment. By leveraging a specialized security-test-scanner, it systematically evaluates targets for critical vulnerabilities like SQL injection, Cross-Site Scripting (XSS), and CSRF, while ensuring compliance with OWASP Top 10 standards. It is an essential tool for developers and security engineers looking to integrate proactive auditing into their development lifecycle, offering detailed reports that include severity ratings and actionable remediation guidance to harden software against modern cyber threats.

Key Features

01Authentication and authorization security auditing

023 GitHub stars

03Deep detection for SQL injection and XSS flaws

04Seamless integration with CI/CD pipelines for automated testing

05Automated OWASP Top 10 vulnerability scanning

06Comprehensive reporting with severity ratings and fix suggestions

Use Cases

01Performing a routine OWASP Top 10 compliance check on web applications

02Auditing a REST API for injection vulnerabilities before deployment

03Testing authentication flows to identify authorization bypass risks

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection skill-adapter

For use in Claude.ai and ChatGPT

Download Skill