ClaudSkills / Security / web-security

OWASP

Quality score: 70/100  ·  Category: Security  ·  Sub-category: web-security
type:audit
Systematic audit against the OWASP 2021 Top 10 web application security risks with severity-rated, file-level findings. Checks A01 Broken Access Control (IDOR, path traversal, CORS, privilege escalation), A02 Cryptographic Failures (weak algorithms, exposed secrets, missing TLS), A03 Injection (SQL, NoSQL, command, XSS, LDAP, XPath, template injection), A04 Insecure Design (missing rate limiting, business logic flaws, race conditions), A05 Security Misconfiguration (debug mode, default credentials, missing security headers, CSP), A06 Vulnerable Components (dependency CVEs, outdated frameworks, EOL runtimes), A07 Auth Failures (weak passwords, session fixation, missing MFA), A08 Data Integrity (insecure deserialization, CI/CD integrity, dependency confusion), A09 Logging Failures (missing security events, PII in logs, log injection), A10 SSRF (user-supplied URLs, cloud metadata access, DNS rebinding). Use for web app security audits, pre-release security checks, or compliance evidence gathering.

What this skill does

OWASP is a production-ready Claude Code skill (quality score 70/100) in the web-security sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/owasp/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The OWASP skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It is part of the open ClaudSkills registry, a community-curated catalog of 15,000+ capabilities you can install for Claude Code — the Claude CLI agent.

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/owasp
curl -L https://claudskills.com/skills/owasp/SKILL.md \
  -o ~/.claude/skills/owasp/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/owasp/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/owasp/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\owasp\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

More Security skills

Browse all Security skills in the ClaudSkills registry, or explore these top-rated picks from the same category:

Browse all Security skills → Top 100 skills
Part of ClaudSkills — the open registry for Claude Code skills.  ·  What's New  ·  Install guide  ·  About  ·  llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: GifPerfect · AspectPerfect · SlomoPerfect · Ucaption · UTagger · AutoXPoster · TestYourSkills