Stats
Actions
Available In
Tags
Help us improve
Share bugs, ideas, or general feedback.
Plugin
appsec
Run multi-framework threat modeling and vulnerability scanning on source code, APIs, and infrastructure; simulate realistic attacker personas; and generate prioritized remediation plans and security reports.
$
npx claudepluginhub florianbuetow/claude-code --plugin appsecPopularity
Stars
Med: 0·Avg: 268
Installs
Med: 0·Avg: 1
What's Inside
Agents7
consolidator
/consolidator
Spawned after all parallel red team analysis agents complete their work. Merges, deduplicates, cross-references, and ranks findings from multiple agents into a single consolidated security report with attack chains and prioritized remediation order.
hacktivist
/hacktivist
Simulates an ideologically motivated medium-skill attacker seeking maximum public embarrassment through data leaks, defacement, and service disruption
insider
/insider
Simulates a malicious authenticated user with domain knowledge who attempts privilege escalation, data exfiltration, and persistent backdoor access using legitimate credentials
nation-state
/nation-state
Spawned during red team analysis when critical infrastructure or high-value targets are assessed. Simulates an Advanced Persistent Threat actor with unlimited time, resources, and sophistication who chains multiple weaknesses together to achieve persistent access, covert exfiltration, and lateral movement across system boundaries.
organized-crime
/organized-crime
Simulates a professional criminal operation with high technical skill seeking financial gain through payment data interception, credential harvesting, PII theft, and ransomware deployment vectors
Skills62
access-control
/access-control
This skill should be used when the user asks to "check for access control issues", "analyze authorization", "find IDOR vulnerabilities", "audit CORS configuration", "check for privilege escalation", or mentions "access control", "authorization", "IDOR", "CORS", "JWT tampering", or "directory traversal" in a security context. Maps to OWASP Top 10 2021 A01: Broken Access Control.
api
/api
This skill should be used when the user asks to "check API security", "audit REST API", "find BOLA vulnerabilities", "check for mass assignment", "analyze API rate limiting", "detect excessive data exposure", or mentions "API security", "BOLA", "IDOR", "mass assignment", "rate limiting", "broken function-level authorization", "excessive data exposure", or "OWASP API Top 10" in a security context.
attack-surface
/attack-surface
This skill should be used when the user asks to "map attack surface", "list entry points", "inventory API endpoints", "find all inputs", "enumerate routes", "discover exposed endpoints", or "map external interfaces". Also triggers when the user asks about exposed APIs, form handlers, file upload endpoints, WebSocket handlers, CLI argument parsers, or wants to understand where external data enters the system.
auth
/auth
This skill should be used when the user asks to "check for authentication issues", "analyze auth", "find credential vulnerabilities", "review login security", "check session management", or mentions "authentication", "passwords", "MFA", "sessions", or "brute force" in a security context. Maps to OWASP Top 10 2021 A07: Identification and Authentication Failures.
business-logic
/business-logic
This skill should be used when the user asks to "check business logic security", "find logic flaws", "audit workflow security", "check for coupon abuse", "detect negative amount exploits", "analyze state machine security", or mentions "business logic", "workflow bypass", "negative amount", "coupon abuse", "self-referral", "state manipulation", or "time-based exploit" in a security context.
Stats
Version0.1.1
LanguagePython
Stars9
MaintenanceExcellent
LicenseMIT
Last Commit
Added
Available In
Safety Signals
Caution
Modifies files
Hook triggers on file write and edit operations
Uses power tools
Uses Bash, Write, or Edit tools
Help us improve
Share bugs, ideas, or general feedback.
