Production-grade security testing skill with OWASP Top 10, vulnerability scanning, penetration testing guidance, and compliance validation
Performs OWASP Top 10 scans, vulnerability assessments, and compliance checks on code, dependencies, and web applications. Use this when you need to identify security flaws, validate compliance (PCI DSS, GDPR, SOC2), or generate remediation guidance for found vulnerabilities.
/plugin marketplace add pluginagentmarketplace/custom-plugin-qa/plugin install qa-development-assistant@pluginagentmarketplace-qaThis skill inherits all available tools. When active, it can use any tool Claude has access to.
assets/config.yamlreferences/GUIDE.mdscripts/helper.pyEnterprise-grade security testing capabilities covering OWASP Top 10, vulnerability assessment, and compliance validation with actionable remediation guidance.
{
"type": "object",
"properties": {
"action": {
"type": "string",
"enum": ["scan", "analyze", "remediate", "compliance_check", "generate_report"],
"description": "Security action to perform"
},
"scan_type": {
"type": "string",
"enum": ["owasp_top10", "dependency", "sast", "dast", "secrets", "configuration"],
"description": "Type of security scan"
},
"target": {
"type": "object",
"properties": {
"url": {"type": "string", "format": "uri"},
"repository": {"type": "string"},
"file_path": {"type": "string"},
"docker_image": {"type": "string"}
}
},
"compliance": {
"type": "string",
"enum": ["owasp", "pci_dss", "hipaa", "gdpr", "soc2", "iso27001"]
},
"severity_filter": {
"type": "string",
"enum": ["critical", "high", "medium", "low", "all"],
"default": "all"
}
},
"required": ["action"]
}
{
"type": "object",
"properties": {
"status": {"type": "string", "enum": ["success", "partial", "failed"]},
"vulnerabilities": {
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {"type": "string"},
"severity": {"type": "string"},
"category": {"type": "string"},
"description": {"type": "string"},
"location": {"type": "string"},
"remediation": {"type": "string"},
"references": {"type": "array", "items": {"type": "string"}}
}
}
},
"summary": {
"type": "object",
"properties": {
"critical": {"type": "integer"},
"high": {"type": "integer"},
"medium": {"type": "integer"},
"low": {"type": "integer"},
"total": {"type": "integer"}
}
},
"compliance_status": {"type": "string", "enum": ["pass", "fail", "partial"]},
"recommendations": {"type": "array", "items": {"type": "string"}}
}
}
target.url:
required: false
validate:
- type: format
pattern: "^https?://"
- type: authorization_check
require: explicit_consent
scan_type:
required: false
default: owasp_top10
validate:
- type: enum
values: [owasp_top10, dependency, sast, dast, secrets, configuration]
- type: tool_availability_check
compliance:
required: false
validate:
- type: enum
values: [owasp, pci_dss, hipaa, gdpr, soc2, iso27001]
retry_config:
strategy: exponential_backoff
max_retries: 3
base_delay_ms: 2000
max_delay_ms: 30000
retryable_errors:
- SCAN_TIMEOUT
- TARGET_TEMPORARILY_UNAVAILABLE
- RATE_LIMITED
error_categories:
authorization_errors:
- NO_CONSENT
- SCOPE_EXCEEDED
- UNAUTHORIZED_TARGET
recovery: require_explicit_authorization
scan_errors:
- SCAN_TIMEOUT
- PARTIAL_SCAN
- TOOL_UNAVAILABLE
recovery: retry_or_fallback_tool
target_errors:
- TARGET_UNREACHABLE
- INVALID_TARGET
- WAF_BLOCKED
recovery: verify_target_access
compliance_errors:
- UNKNOWN_STANDARD
- MISSING_CONTROLS
- INCOMPLETE_ASSESSMENT
recovery: manual_review_required
tests:
- Horizontal privilege escalation
- Vertical privilege escalation
- Insecure direct object references
- Missing function level access control
- CORS misconfiguration
detection_methods:
- Access matrix testing
- Role-based testing
- URL manipulation
- API endpoint enumeration
remediation:
- Implement proper authorization checks
- Use deny-by-default
- Enforce ownership validation
- Log access control failures
tests:
- Weak encryption algorithms
- Hardcoded secrets
- Insufficient key length
- Missing TLS
- Improper certificate validation
detection_methods:
- SSL/TLS analysis
- Code review for crypto usage
- Secret scanning
- Traffic analysis
remediation:
- Use modern encryption (AES-256, RSA-2048+)
- Implement proper key management
- Enforce TLS 1.2+
- Rotate secrets regularly
tests:
- SQL injection
- NoSQL injection
- OS command injection
- LDAP injection
- XPath injection
detection_methods:
- Input fuzzing
- SAST analysis
- Parameterized query check
- Error message analysis
remediation:
- Use parameterized queries
- Input validation/sanitization
- Least privilege database accounts
- WAF rules
A04_insecure_design:
- Threat modeling
- Security requirements review
- Architecture analysis
A05_security_misconfiguration:
- Default credentials check
- Unnecessary features enabled
- Missing security headers
- Verbose error messages
A06_vulnerable_components:
- Dependency scanning
- CVE database check
- License compliance
A07_authentication_failures:
- Brute force testing
- Session management
- Password policy
- MFA implementation
A08_integrity_failures:
- CI/CD security
- Unsigned updates
- Deserialization issues
A09_logging_failures:
- Log injection
- Sensitive data in logs
- Insufficient logging
A10_ssrf:
- Internal network access
- Cloud metadata access
- URL validation bypass
# sql_injection_test.py
import requests
from typing import List, Dict
PAYLOADS = [
"' OR '1'='1",
"' OR '1'='1' --",
"' UNION SELECT NULL--",
"1; DROP TABLE users--",
"' AND 1=1--",
"' AND 1=2--",
]
def test_sql_injection(url: str, param: str) -> List[Dict]:
findings = []
for payload in PAYLOADS:
try:
response = requests.get(
url,
params={param: payload},
timeout=10
)
# Check for SQL error indicators
error_indicators = [
"sql syntax",
"mysql_fetch",
"sqlite_",
"ORA-",
"PostgreSQL",
]
for indicator in error_indicators:
if indicator.lower() in response.text.lower():
findings.append({
"vulnerability": "SQL Injection",
"severity": "CRITICAL",
"payload": payload,
"indicator": indicator,
"url": url,
"parameter": param
})
break
except requests.exceptions.RequestException as e:
continue
return findings
// xss_test.js
const XSS_PAYLOADS = [
'<script>alert(1)</script>',
'<img src=x onerror=alert(1)>',
'<svg onload=alert(1)>',
'javascript:alert(1)',
'"><script>alert(1)</script>',
];
async function testXSS(url, param) {
const findings = [];
for (const payload of XSS_PAYLOADS) {
const testUrl = `${url}?${param}=${encodeURIComponent(payload)}`;
const response = await fetch(testUrl);
const body = await response.text();
// Check if payload is reflected without encoding
if (body.includes(payload)) {
findings.push({
vulnerability: 'Reflected XSS',
severity: 'HIGH',
payload,
url,
parameter: param
});
}
}
return findings;
}
symptoms:
- High volume of low-quality findings
- Legitimate features flagged
- WAF rules triggered
diagnosis:
1. Review scan configuration
2. Analyze finding context
3. Compare with manual testing
4. Check scan scope
solutions:
- Tune scan sensitivity
- Add false positive exclusions
- Use authenticated scanning
- Combine with manual review
symptoms:
- Known vulnerabilities missed
- Low finding count
- Scan completed too quickly
diagnosis:
1. Check scan depth configuration
2. Review authentication state
3. Analyze crawl coverage
4. Check for scan blocks
solutions:
- Increase scan depth
- Provide valid credentials
- Whitelist scanner IP
- Use multiple scan tools
symptoms:
- Connection refused
- Rate limited
- WAF blocks
diagnosis:
1. Check firewall rules
2. Review rate limiting
3. Analyze WAF logs
4. Verify authorization
solutions:
- Whitelist scanner IP
- Reduce scan intensity
- Configure WAF bypass
- Use internal scanning
pci_dss:
requirement_6_5: OWASP_Top_10
requirement_6_6: WAF_or_code_review
requirement_11_3: Penetration_testing
gdpr:
article_32: Security_measures
article_35: Impact_assessment
soc2:
cc6_1: Logical_access
cc6_6: System_boundaries
cc6_7: Change_management
scanning:
- Always get authorization
- Start with passive scanning
- Use authenticated scans
- Schedule during low traffic
remediation:
- Prioritize by risk score
- Fix critical issues first
- Verify fixes with retest
- Document all changes
continuous_security:
- Integrate in CI/CD
- Regular dependency updates
- Security code review
- Bug bounty program
log_events:
- scan_started
- vulnerability_found
- scan_completed
- remediation_verified
metrics:
- vulnerabilities_by_severity
- mean_time_to_remediate
- scan_coverage_percentage
- compliance_score
alerts:
- critical_vulnerability_found
- compliance_threshold_breached
- scan_failure
authorization:
- Always obtain written consent
- Define scope clearly
- Respect boundaries
- Report all findings
responsible_disclosure:
- Follow disclosure timeline
- Work with vendor on fixes
- Protect user data
- Document everything
| Version | Date | Changes |
|---|---|---|
| 2.1.0 | 2025-01 | Production-grade with OWASP 2021 |
| 2.0.0 | 2024-12 | SASMP v1.3.0 compliance |
| 1.0.0 | 2024-11 | Initial release |
Creating algorithmic art using p5.js with seeded randomness and interactive parameter exploration. Use this when users request creating art using code, generative art, algorithmic art, flow fields, or particle systems. Create original algorithmic art rather than copying existing artists' work to avoid copyright violations.
Applies Anthropic's official brand colors and typography to any sort of artifact that may benefit from having Anthropic's look-and-feel. Use it when brand colors or style guidelines, visual formatting, or company design standards apply.
Create beautiful visual art in .png and .pdf documents using design philosophy. You should use this skill when the user asks to create a poster, piece of art, design, or other static piece. Create original visual designs, never copying existing artists' work to avoid copyright violations.