원클릭으로 Manus에서 모든 스킬 실행

시작하기

ask-owasp-security-review

Static security analysis auditing for OWASP Top 10 risks.

Manus에서 실행

개요

Static security analysis auditing for OWASP Top 10 risks.

설치 명령

npx skills add https://github.com/NavanithanS/Agent-Skill-Kit --skill ask-owasp-security-review

이 명령을 Claude Code에 복사하여 붙여넣어 스킬을 설치하세요

출처

NavanithanS/Agent-Skill-Kit

스타1

포크1

업데이트2026년 3월 7일 07:30

파일 탐색기

5 개 파일

SKILL.md

readonly

name	ask-owasp-security-review
description	Static security analysis auditing for OWASP Top 10 risks.
version	1.0.0
permissions	["filesystem:read"]
inputs	{"code":{"required":true}}

OWASP Security Review Protocol

<critical_constraints>

❌ NO execution/dynamic analysis.
❌ NO false positives. Evidence required.
✅ MUST map to OWASP Top 10.
✅ MUST provide Severity, Location, Remediation. </critical_constraints>

Analyze: Identify language/framework. Trace Source → Sink.
Scan:
- Injection/Broken Access.
- Hardcoded Secrets.
- Logging Failures.
Report: Format findings (Markdown Table). If none, "No risks found".
Remediate: Provide code fixes for Critical/High.

<owasp_checklist>

A01 Broken Access: IDOR, traversal.
A02 Crypto: Weak keys/algos.
A03 Injection: SQLi, XSS, Cmd.
A04 Design: No rate limiting.
A05 Misconfig: Default creds.
A06 Components: Old libs.
A07 Auth: Weak pwd.
A08 Integrity: Deserialization.
A09 Logging: Missing/PII.
A10 SSRF: Unvalidated URLs. </owasp_checklist>

<output_template>

Security Audit

Vuln	OWASP	Sev	Loc	Desc	Fix
Name	Cat	High	File:10	Issue	Fix

Summary

[Assessment] </output_template>

이 저장소의 다른 Skills

같은 저장소

ask-laravel-architect

NavanithanS/Agent-Skill-Kit

Laravel scaffolding for SQL or Mongo (Official/Jenssegers), SoftDeletes, API standards.

2026-05-301

ask-laravel-mechanic

NavanithanS/Agent-Skill-Kit

Laravel maintenance with Zero Data Loss policy, Mongo/SQL debugging.

2026-05-301

ask-vue-architect

NavanithanS/Agent-Skill-Kit

Vue 3 scaffolding for Laravel Inertia, Nuxt, or Vite. Composition API + TypeScript.

2026-05-301

ask-vue-mechanic

NavanithanS/Agent-Skill-Kit

Vue 3 + Inertia maintenance. Fixes navigation reloads, prop mismatches, reactivity loss.

2026-05-301

ask-impact-sentinel

NavanithanS/Agent-Skill-Kit

Guidelines for impact analysis, breaking change detection, and strategic database design.

2026-04-111

ask-commit-assistance

NavanithanS/Agent-Skill-Kit

Code review, staging, and Conventional Commit message generation. MUST NOT COMMIT.

2026-04-111

출처

NavanithanS

NavanithanS/Agent-Skill-Kit

GitHub 저장소 열기 Creator 저장소 보기

설치 명령

다운로드

Manus에서 실행

유용한 대상SOC

정보 보안 분석가컴퓨터 및 수학직15-1212L4

name	ask-owasp-security-review
description	Static security analysis auditing for OWASP Top 10 risks.
version	1.0.0
permissions	["filesystem:read"]
inputs	{"code":{"required":true}}

OWASP Security Review Protocol

<critical_constraints>

❌ NO execution/dynamic analysis.
❌ NO false positives. Evidence required.
✅ MUST map to OWASP Top 10.
✅ MUST provide Severity, Location, Remediation. </critical_constraints>

Analyze: Identify language/framework. Trace Source → Sink.
Scan:
- Injection/Broken Access.
- Hardcoded Secrets.
- Logging Failures.
Report: Format findings (Markdown Table). If none, "No risks found".
Remediate: Provide code fixes for Critical/High.

<owasp_checklist>

A01 Broken Access: IDOR, traversal.
A02 Crypto: Weak keys/algos.
A03 Injection: SQLi, XSS, Cmd.
A04 Design: No rate limiting.
A05 Misconfig: Default creds.
A06 Components: Old libs.
A07 Auth: Weak pwd.
A08 Integrity: Deserialization.
A09 Logging: Missing/PII.
A10 SSRF: Unvalidated URLs. </owasp_checklist>

<output_template>

Security Audit

Vuln	OWASP	Sev	Loc	Desc	Fix
Name	Cat	High	File:10	Issue	Fix

Summary

[Assessment] </output_template>