ask-owasp-security-review | V50.AI

ask-owasp-security-review

OWASP Security Review Protocol

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "ask-owasp-security-review" with this command: npx skills add navanithans/agent-skill-kit/navanithans-agent-skill-kit-ask-owasp-security-review

OWASP Security Review Protocol

<critical_constraints>

❌ NO execution/dynamic analysis.
❌ NO false positives. Evidence required.
✅ MUST map to OWASP Top 10.
✅ MUST provide Severity , Location , Remediation . </critical_constraints>
Analyze: Identify language/framework. Trace Source → Sink.
Scan:
Injection/Broken Access.
Hardcoded Secrets.
Logging Failures.
Report: Format findings (Markdown Table). If none, "No risks found".
Remediate: Provide code fixes for Critical/High.

<owasp_checklist>

A01 Broken Access: IDOR, traversal.
A02 Crypto: Weak keys/algos.
A03 Injection: SQLi, XSS, Cmd.
A04 Design: No rate limiting.
A05 Misconfig: Default creds.
A06 Components: Old libs.
A07 Auth: Weak pwd.
A08 Integrity: Deserialization.
A09 Logging: Missing/PII.
A10 SSRF: Unvalidated URLs. </owasp_checklist>

<output_template>

Security Audit

Vuln OWASP Sev Loc Desc Fix

Name Cat High File:10 Issue Fix

Summary

[Assessment] </output_template>

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHub Open in ClawHub

Related Skills

Related by shared tags or category signals.

Security

ask-security-sentinel

No summary provided by upstream source.

Repository SourceNeeds Review

Automation

ask-shadcn-architect

No summary provided by upstream source.

Repository SourceNeeds Review

Coding

ask-python-refactor

No summary provided by upstream source.

Repository SourceNeeds Review

Automation

ask-commit-assistance

No summary provided by upstream source.

Repository SourceNeeds Review