Search everything...

Skill

security-zap-scan

Run an OWASP ZAP baseline security scan locally using Docker. Checks for the ZAP baseline script, executes the scan, and summarizes findings by risk level with remediation recommendations.

Install

npx claudepluginhub codyswanngt/lisa --plugin lisa

Tool Access

This skill is limited to using the following tools:

BashRead

Preview

Run a ZAP baseline security scan against the local application.

SKILL.md

Similar Skills

cache-components

Guides Next.js Cache Components and Partial Prerendering (PPR) with cacheComponents enabled. Implements 'use cache', cacheLife(), cacheTag(), revalidateTag(), static/dynamic optimization, and cache debugging.

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Parent Repo Stars1

Parent Repo Forks2

Last CommitMar 5, 2026

Actions

View Source View Plugin View on GitHub View README

security-zap-scan | lisa | ClaudePluginHub

Skill

security-zap-scan

From lisa

Run an OWASP ZAP baseline security scan locally using Docker. Checks for the ZAP baseline script, executes the scan, and summarizes findings by risk level with remediation recommendations.

Install

npx claudepluginhub codyswanngt/lisa --plugin lisa

Tool Access

This skill is limited to using the following tools:

BashRead

Preview

Run a ZAP baseline security scan against the local application.

SKILL.md

OWASP ZAP Baseline Security Scan

Run a ZAP baseline security scan against the local application.

Workflow

Check prerequisites:
- Verify Docker is installed and running: docker info
- Check if scripts/zap-baseline.sh exists in the project
Execute scan:
- If the script exists, run: bash scripts/zap-baseline.sh
- If the script does not exist, inform the user that this project does not have a ZAP baseline scan configured
Analyze results:
- After the scan completes, read zap-report.html (or zap-report.md for text)
- Summarize findings:
  - Total number of alerts by risk level (High, Medium, Low, Informational)
  - List each Medium+ finding with its rule ID, name, and recommended fix
  - Categorize findings as "infrastructure-level" (fix at CDN/proxy) vs "application-level" (fix in code)
Handle failures:
- If the scan failed, explain what failed and suggest concrete remediation steps

Execution

Run the scan now.

Similar Skills

cache-components

139.2k

mcp-builder

9 files

Guides building MCP servers enabling LLMs to interact with external services via tools. Covers best practices, TypeScript/Node (MCP SDK), Python (FastMCP).

anthropics-skills-13

124.2k

canvas-design

20 files

Generates original PNG/PDF visual art via design philosophy manifestos for posters, graphics, and static designs on user request.

anthropics-skills-13

124.2k

Stats

Parent Repo Stars1

Parent Repo Forks2

Last CommitMar 5, 2026

Actions

View Source View Plugin View on GitHub View README