API specification linting and security validation using Stoplight's Spectral with support for OpenAPI, AsyncAPI, and Arazzo specifications. Validates API definitions against security best practices, OWASP API Security Top 10, and custom organizational standards. Use when: (1) Validating OpenAPI/AsyncAPI specifications for security issues and design flaws, (2) Enforcing API design standards and governance policies across API portfolios, (3) Creating custom security rules for API specifications in CI/CD pipelines, (4) Detecting authentication, authorization, and data exposure issues in API definitions, (5) Ensuring API specifications comply with organizational security standards and regulatory requirements.
/plugin marketplace add AgentSecOps/SecOpsAgentKit/plugin install appsec-skills@agent-sec-ops-kit-skillsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/ci-config-template.ymlassets/github-actions-template.ymlassets/rule-template.yamlassets/spectral-owasp.yamlreferences/EXAMPLE.mdreferences/WORKFLOW_CHECKLIST.mdreferences/custom_rules_guide.mdreferences/owasp_api_mappings.mdBuild robust backtesting systems for trading strategies with proper handling of look-ahead bias, survivorship bias, and transaction costs. Use when developing trading algorithms, validating strategies, or building backtesting infrastructure.