Skip to main content

Owasp Security

Skill Verified Active

Use when reviewing code for security vulnerabilities, implementing authentication/authorization, handling user input, or discussing web application security. Covers OWASP Top 10:2025, ASVS 5.0, LLM Top 10 (2025), and Agentic AI security (2026).

Purpose

To provide developers with up-to-date OWASP security best practices for building secure web applications, integrating LLMs, and developing AI agent systems.

Features

  • OWASP Top 10:2025 coverage
  • OWASP LLM Top 10 (2025) and Agentic AI Security (2026) guidance
  • ASVS 5.0 requirements
  • Language-specific security pitfalls and analysis mindset
  • Secure code examples and review checklists

Use Cases

  • Reviewing code for security vulnerabilities
  • Implementing authentication and authorization
  • Handling user input and external data securely
  • Building secure LLM applications and AI agents
  • Understanding language-specific security risks

Non-Goals

  • Performing automated security scans
  • Providing real-time vulnerability detection
  • Acting as a static analysis tool

Installation

npx skills add agamm/claude-code-owasp

Runs the Vercel skills CLI (skills.sh) via npx — needs Node.js locally and at least one installed skills-compatible agent (Claude Code, Cursor, Codex, …). Assumes the repo follows the agentskills.io format.

Quality Score

Verified
95 /100
Analyzed about 24 hours ago

Trust Signals

Last commit16 days ago
GitHub owner agamm (opens in new tab)
Stars185
LicenseMIT
Status
View Source

Similar Extensions

AI Security

97

Use when assessing AI/ML systems for prompt injection, jailbreak vulnerabilities, model inversion risk, data poisoning exposure, or agent tool abuse. Covers MITRE ATLAS technique mapping, injection signature detection, and adversarial robustness scoring.

Skill
alirezarezvani

Secrets Management

100

Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.

Skill
wshobson

Semgrep Rule Creator

100

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

Skill
trailofbits

Safe Mode

100

Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.

Skill
rohitg00

Prompt Guard

100

Meta's 86M prompt injection and jailbreak detector. Filters malicious prompts and third-party data for LLM apps. 99%+ TPR, <1% FPR. Fast (<2ms GPU). Multilingual (8 languages). Deploy with HuggingFace or batch processing for RAG security.

Skill
Orchestra-Research

Soul Guardian

100

Drift detection + baseline integrity guard for agent workspace files with automatic alerting support

Skill
prompt-security

© 2025 SkillRepo · Find the right skill, skip the noise.