| name | owasp-infrastructure |
| description | OWASP Infrastructure Top 10 knowledge base for identifying, assessing, and remediating internal IT infrastructure security risks. |
| license | CC-BY-SA-4.0 |
| user-invocable | false |
| metadata | {"authors":"OWASP Infrastructure Security Project","spec_version":"1.0","framework_revision":"1.0.0","last_updated":"2026-02-13","skill_based_on":"https://github.com/chris-buckley/agnostic-prompt-standard","content_based_on":"https://owasp.org/www-project-top-10-infrastructure-security-risks/"} |
OWASP Infrastructure Top 10 — Skill Entry
This SKILL.md is the entrypoint for the OWASP Infrastructure Top 10 skill.
The skill encodes the OWASP Infrastructure Security Top 10 (2024) as structured,
machine-readable references that an agent can query to identify, assess, and remediate
infrastructure security risks.
Normative references (Infrastructure Top 10)
- 00 Vulnerability Index
- 01 Outdated Software
- 02 Insufficient Threat Detection
- 03 Insecure Configurations
- 04 Insecure Resource and User Management
- 05 Insecure Use of Cryptography
- 06 Insecure Network Access Management
- 07 Insecure Authentication Methods and Default Credentials
- 08 Information Leakage
- 09 Insecure Access to Resources and Management Components
- 10 Insufficient Asset Management and Documentation
Skill layout
SKILL.md — this file (skill entrypoint).
references/ — the Infrastructure Top 10 normative documents.
00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.
01 through 10 — one document per vulnerability aligned with OWASP Infrastructure Security numbering.