Skip to main content
Manus에서 모든 스킬 실행
원클릭으로

security-misconfiguration-and-headers

스타2
포크1
업데이트2026년 7월 9일 12:42

SAST detection methodology for security misconfiguration and missing/weak security headers (CWE-16), including absent CSP/HSTS/X-Content-Type-Options, clickjacking via missing X-Frame-Options / CSP frame-ancestors (CWE-1021), insecure cookie attributes (Secure/HttpOnly/SameSite, cookie scope, __Host-/ __Secure- prefixes), cleartext/mixed content (CWE-319), verbose banners, default pages/credentials, directory listing, and dangerous HTTP methods. Use when reviewing server/framework config, response headers, cookie setup, and web-server hardening. Writes confirmed findings to findings/39-security-misconfiguration-and-headers.md.

설치

Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.

SKILL.md
readonly