Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude

Appsec Tools (Page 2 of 4)

219 Claude Code skills in the Appsec Tools sub-category of Security.

219 skills · updated 2026-05-27 · showing 61–120 of 219 by quality score

Runs Trivy against a Docker image and produces a prioritized CVE list grouped by severity with fix availability. Filters out CVEs with no available fix.
Audits Dockerfiles for security vulnerabilities using Hadolint and Trivy container scanner. Recommends hardening steps based on CIS Docker Benchmark and Snyk container advisories.
Property-based testing and fuzzing using Echidna for smart contracts. Includes invariant definition, corpus management, coverage analysis, and CI/CD integration for comprehensive…
Recover from developer disasters. Use when someone force-pushed to main, leaked credentials in git, ran out of disk space, killed the wrong process, corrupted a database, broke a…
Audit an emergency resource management system for crisis readiness. Evaluates inventory tracking accuracy, deployment request-to-arrival pipeline, logistics and route…
Env Secret Detector - Auto-activating skill for Security Fundamentals. Triggers on: env secret detector, env secret detector. Part of the Security Fundamentals skill category.
Security-focused pull request and diff review skill for finding newly introduced vulnerabilities, risky regressions, and missing security tests in changed code.
Security remediation skill for fixing confirmed or likely SAST findings in source code. Trigger when the user asks to: "fix a vulnerability", "patch this security bug", "remediate…
General-purpose Static Application Security Testing (SAST) skill for code vulnerability analysis. Trigger when the user asks to: "analyze code for vulnerabilities", "review code…
Threat modeling skill for new features, services, endpoints, or repositories. Trigger when the user asks to: "threat model this", "analyze attack surface", "find abuse cases",…
Fix all guardrail findings (make lint, make test, make sast) across repositories. Use when the user asks to fix linting errors, test failures, SAST findings, or run the full…
Canonical map of the flow from a quote to member activation in this project (Praticcar). Use when touching any step between quote creation and activation: public link,…
Essential fuzzing payloads: SQL injection, command injection, special characters. Curated essentials for vulnerability testing.
Configure and perform API fuzzing to discover edge cases, crashes, and security vulnerabilities. Use when performing specialized testing.
Configure and perform API fuzzing to discover edge cases, crashes, and security vulnerabilities. Use when performing specialized testing.
Building effective fuzzing harnesses to maximize code coverage and vulnerability discovery through automated input generation
Generate a CVE 5.x JSON document from a tracking issue, ready to paste into the Vulnogram `#source` tab of the ASF CVE tool at…
Gitleaks is an open-source SAST tool for detecting hardcoded secrets like passwords, API keys, and tokens in Git repositories, files, and directories.
Apply Go project conventions — Go 1.25.x toolchain pinned via toolchain directive and GOTOOLCHAIN=local, vendored deps via go mod vendor, golangci-lint v2 strict (~50 enabled…
Scan container images, filesystems, and SBOMs for known vulnerabilities using Anchore Grype. Supports major OS package ecosystems and language-specific packages with EPSS risk…
Infrastructure as Code (IaC) security scanning using Checkov with 750+ built-in policies for Terraform, CloudFormation, Kubernetes, Dockerfile, and ARM templates.
Terraform / Pulumi / CloudFormation review — state management, module contract, plan output, drift detection, security scan (tfsec/checkov/OPA), cost diff (Infracost).
Scans Infrastructure as Code for security misconfigurations. Wraps tfsec for Terraform and Checkov for multi-cloud IaC.
Provides comprehensive IBM Mainframe administration, development, and modernization guidance including z/OS operations, JCL scripting, COBOL/PL/I programming, CICS/IMS…
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based
Deploy and configure Rapid7 InsightVM Security Console and Scan Engines for authenticated and unauthenticated
Write custom Semgrep SAST rules in YAML to detect application-specific vulnerabilities, enforce coding standards,
Deploy and operate Greenbone/OpenVAS vulnerability management using the python-gvm library to create scan targets,
Vulnerability remediation SLAs define mandatory timeframes for patching or mitigating identified vulnerabilities
Build automated alerting for vulnerability remediation SLA breaches with severity-based timelines, escalation
Scan for reports that have not yet been copied into as tracking issues, present the proposed imports to the user, and — defaulting to *import unless the…
Check JFrog Public Catalog and stored packages for a version, interpret catalog security signals, and download through Artifactory (JFrog Platform locations, remote cache,…
KLIC & WIBON expert skill for the Netherlands. Answer questions about excavation notifications, cables & pipelines, Kadaster and WIBON legislation.
Audits project dependencies for vulnerabilities. Multi-ecosystem support (npm, .NET, Python, Go). CVSS-based severity classification.
This skill should be used when the user requests automatic applications to LinkedIn job postings related to Artificial Intelligence (AI) in Brazil, prioritizing postings with…
This skill should be used when the user requests automatic applications to LinkedIn job postings related to Artificial Intelligence (AI) in Brazil, prioritizing postings with…
Checks outdated packages, unused deps, reinvented wheels, CVE/CVSS vulnerability scan. Use when auditing dependencies.
Tray Multi-CD (Distribution Centers) API. Use when the developer needs to manage multiple distribution centers, including creation, update, deletion…
Nessus integration. Manage data, records, and automate workflows. Use when the user wants to interact with Nessus data.
Systematic elicitation, documentation and prioritization of Non-Functional Requirements (NFRs) according to ISO 25010 and TOGAF quality attributes.
Cleans up NNF deployments impacted by vulnerable or outdated container images using guided execution.
Scans npm dependencies for known vulnerabilities using the npm audit JSON API and the OSV.dev REST API (api.osv.dev/v1/query).
Nuclei vulnerability scanner as a complement to LLM analysis. Detects known CVEs, misconfigurations and exposed panels.
Nuclei is a high-performance vulnerability scanner by ProjectDiscovery that uses simple YAML-based templates to detect security issues across applications, APIs, networks, DNS,…
Executes ProjectDiscovery Nuclei security scanning templates against target URLs. Supports custom YAML template authoring, CVE detection via nuclei-templates repository, and SARIF…
Practical offensive fuzzing methodology covering target identification, fuzzer selection (AFL++, libFuzzer, Honggfuzz, Boofuzz, syzkaller), harness writing, corpus curation,…
KRACK (CVE-2017-13077..082) and FragAttacks (CVE-2020-24586..588 + 26139-26147) — key reinstallation, fragmentation, and aggregation attacks against WPA2 supplicants.
WPA3 / SAE (Simultaneous Authentication of Equals) attack methodology — transition-mode (mixed WPA2/WPA3) downgrade, Dragonblood side-channel attacks (CVE-2019-9494, 9495, 13377,…
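Open-source vulnerability analysis skill. When the user enters an open-source package name and the version in use, it queries CVE vulnerabilities from three data sources, NVD (NIST), OSV.dev (Google) and GitHub Advisory, and generates a security report along with latest-version information.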
OSV-Scanner is Google's open-source vulnerability scanner that checks project dependencies against the OSV.dev database.
Tray Partners API. Use when the developer needs to manage the store's partners/resellers, including listing, lookup, creation, update and deletion.
Identify and eliminate host-device synchronizations in PyTorch code. Detects sync points (.item(), .cpu(), boolean indexing, torch.tensor on CUDA), classifies false vs true…
Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and
Configure and execute authenticated vulnerability scans using OpenVAS/Greenbone Vulnerability Management with
Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation
Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches,
The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum
Tray Products API. Use when the developer needs to list, look up, create, update or delete products in a Tray store's catalog.
Rapid7 Insight Platform integration. Manage Users, Roles, Organizations, Assets, Vulnerabilities, Findings and more.