Guides phased testing of web apps for OWASP Top 10 risks: injection, XSS, broken authentication, access control, and security headers.
From antigravity-awesome-skillsnpx claudepluginhub sickn33/antigravity-awesome-skills --plugin antigravity-awesome-skillsThis skill uses the workspace's default tool permissions.
Designs and optimizes AI agent action spaces, tool definitions, observation formats, error recovery, and context for higher task completion rates.
Enables AI agents to execute x402 payments with per-task budgets, spending controls, and non-custodial wallets via MCP tools. Use when agents pay for APIs, services, or other agents.
Compares coding agents like Claude Code and Aider on custom YAML-defined codebase tasks using git worktrees, measuring pass rate, cost, time, and consistency.
Specialized workflow for testing web applications against OWASP Top 10 vulnerabilities including injection attacks, XSS, broken authentication, and access control issues.
Use this workflow when:
scanning-tools - Security scanningtop-web-vulnerabilities - OWASP knowledgeUse @scanning-tools to perform web application reconnaissance
sql-injection-testing - SQL injectionsqlmap-database-pentesting - SQLMapUse @sql-injection-testing to test for SQL injection
Use @sqlmap-database-pentesting to automate SQL injection testing
xss-html-injection - XSS testinghtml-injection-testing - HTML injectionUse @xss-html-injection to test for cross-site scripting
broken-authentication - Authentication testingUse @broken-authentication to test authentication security
idor-testing - IDOR testingfile-path-traversal - Path traversalUse @idor-testing to test for insecure direct object references
Use @file-path-traversal to test for path traversal
api-security-best-practices - Security headersUse @api-security-best-practices to audit security headers
reporting-standards - Security reportingUse @reporting-standards to create security report
security-audit - Security auditingapi-security-testing - API securitywordpress-security - WordPress security