Stats
Actions
Tags
'%20stop-opacity%3D'0.16'%2F%3E%3Cstop%20offset%3D'1'%20stop-color%3D'rgb(200%2C90%2C60)'%20stop-opacity%3D'0.03'%2F%3E%3C%2FlinearGradient%3E%3C%2Fdefs%3E%3Crect%20width%3D'320'%20height%3D'200'%20fill%3D'url(%23g)'%2F%3E%3Ccircle%20cx%3D'250'%20cy%3D'56'%20r%3D'92'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.06'%2F%3E%3Ccircle%20cx%3D'64'%20cy%3D'172'%20r%3D'58'%20fill%3D'rgb(200%2C90%2C60)'%20fill-opacity%3D'0.05'%2F%3E%3C%2Fsvg%3E)
From ship
Reviews code against OWASP Top 10 security vulnerabilities including broken access control, injection, XSS, cryptographic failures, and misconfigurations.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ship:use-context-reviewer-securityWhen to use
security, OWASP, XSS, SQL injection, prompt injection, LLM security, セキュリティ, 脆弱性, cloud security, AWS, IAM, Terraform, クラウドセキュリティ, インフラ
reviewer-securityThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
LLM01 covers apps that pass untrusted content to an LLM. The sink is the prompt itself: untrusted text concatenated without a data/instruction boundary, or a caller-supplied value interpolated into a system prompt. Constrain an LLM tool (e.g. a `fetch_url` tool) the same way as its non-LLM counterpart (A10 SSRF). The tool is the sink, not the prompt.
references/cloud-infrastructure.mdreferences/frontend-taint-checklist.mdreferences/owasp-advanced.mdreferences/owasp-basic.mdreferences/owasp-injection.mdtest/README.mdtest/cases/cross-file/analytics-route.tstest/cases/cross-file/middleware.tstest/cases/hard-safe/allowlist-fetch.tstest/cases/hard-safe/parameterized-like.tstest/cases/hard-safe/prompt-injection-explainer.tstest/cases/hard-safe/wrapped-sanitize.tsxtest/cases/hard-vuln/fake-escape.tstest/cases/hard-vuln/indirect-xss.tsxtest/cases/hard-vuln/prompt-injection-exfiltration.tstest/cases/hard-vuln/prompt-injection-system-spoof.tstest/cases/hard-vuln/second-order-injection.tstest/cases/hard-vuln/ssrf.tstest/cases/safe/env-key.tstest/cases/safe/parameterized-query.tsLLM01 covers apps that pass untrusted content to an LLM. The sink is the prompt itself: untrusted text concatenated without a data/instruction boundary, or a caller-supplied value interpolated into a system prompt. Constrain an LLM tool (e.g. a fetch_url tool) the same way as its non-LLM counterpart (A10 SSRF). The tool is the sink, not the prompt.
| ID | Category | Pattern | Fix |
|---|---|---|---|
| A01 | Broken Access Control | Missing auth, IDOR, path traversal | Auth middleware, ownership check |
| A02 | Cryptographic Failures | password: 'plaintext' | bcrypt/argon2 hashing |
| A03 | Injection | db.query(\SELECT...${id}`)` | Parameterized query, ORM |
| A03 | Injection | exec(\ping ${host}`)` | Input validation, library instead |
| A03 | XSS | dangerouslySetInnerHTML (static presence) | Default escaping, DOMPurify |
| A05 | Security Misconfiguration | cors({ origin: '*' }) | Explicit origin allowlist |
| A05 | Security Misconfiguration | cookie: {} (no options) | secure, httpOnly, sameSite: 'strict' |
| A05 | Security Misconfiguration | err.stack in error response without NODE_ENV guard | Generic message in prod, log internally |
| A09 | Logging Failures | logger.info({ password }) | Exclude sensitive fields |
| A10 | SSRF | fetch(userInputUrl) | URL validation, allowlist |
| A07 | Authentication Failures | No rate limit on auth endpoints (login, register, password-reset) | Rate limiter middleware on auth route group |
| A01 | CSRF | No CSRF token verification on state-changing requests (POST/PUT/PATCH/DELETE) | Double Submit Cookie |
| A02 | Timing Attack | === comparison of tokens/signatures | Constant-time comparison (XOR all bytes, decide last) |
| A08 | Prototype Pollution | Request object built with ...body spread | Explicit field assignment |
| A03 | XSS (Taint) | dangerouslySetInnerHTML={{ __html }} without sanitizer | DOMPurify.sanitize() at boundary |
| A03 | XSS (Taint) | Function arg → innerHTML without sanitization | Sanitize at function boundary |
| A03 | XSS (Taint) | <a href={variable}> with user-controlled URL | Protocol allowlist (https/http only) |
| A01 | Open Redirect (Taint) | URL param → location.href without validation | Domain allowlist or relative-only |
| A04 | Insecure Design | postMessage handler without origin check | Strict event.origin comparison |
| A02 | Sensitive Data Exposure | JWT stored in localStorage/sessionStorage | httpOnly cookie instead |
| LLM01 | Prompt Injection (LLM) | Untrusted or caller-controlled value (RAG docs, fetched content, tool results, role args) reaches the prompt with no data-only framing | Delimit untrusted content as data; map caller values to fixed enumerated instructions |
The severity scale is critical / high / medium. Always include file:line. Report each independent vulnerability as its own finding. When one file holds two distinct issues (e.g. a path traversal and a separate prompt injection), list both as separate findings rather than folding one into a note on the other.
| Signal | Severity | Required output |
|---|---|---|
| Certain exploit | critical | Full exploit scenario + concrete fix |
| Clear vulnerability | high | Attack vector + concrete fix |
| Possible issue | medium | verification_hint + suggested fix |
| Speculative only | none | Do NOT report |
| Topic | Scope | File |
|---|---|---|
| Basic | A01, A02, A07 | ${CLAUDE_SKILL_DIR}/references/owasp-basic.md |
| Injection | A03 | ${CLAUDE_SKILL_DIR}/references/owasp-injection.md |
| Advanced | A04-A06, A08-A10 | ${CLAUDE_SKILL_DIR}/references/owasp-advanced.md |
| Cloud | IAM, IaC, CI/CD | ${CLAUDE_SKILL_DIR}/references/cloud-infrastructure.md |
| Frontend | Taint analysis | ${CLAUDE_SKILL_DIR}/references/frontend-taint-checklist.md |
npx claudepluginhub thkt/dotclaude --plugin shipReviews project code against OWASP Top 10 vulnerabilities: broken access control, injections (SQL, XSS, CSRF), cryptographic failures, insecure design, misconfigurations, and authentication issues.
Reviews code and architectures against OWASP Top 10:2025 web application security risks. Useful for vulnerability audits, codebase reviews, remediation guidance, and secure coding patterns.
This skill should be used when the user asks to "analyze code for security issues", "check for OWASP vulnerabilities", "review code against CWE Top 25", "find injection vulnerabilities", "do a security code review", or needs manual security analysis against OWASP Top 10, API Top 10, Mobile Top 10, or CWE/SANS frameworks.