// OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core.
Text-to-speech voice-over generation from YAML speaker notes using Azure Speech SDK with SSML pronunciation control - Brought to you by microsoft/hve-core
PowerPoint slide deck generation and management using python-pptx with YAML-driven content and styling - Brought to you by microsoft/hve-core
Retrieves and groups GitHub code scanning alerts by rule and severity using the gh CLI - Brought to you by microsoft/hve-core
OWASP Docker Top 6 vulnerability knowledge base for identifying, assessing, and remediating security risks in containerized Docker environments - Brought to you by microsoft/hve-core.
Generate customer-card PowerPoint content YAML from Design Thinking canonical artifacts and build using the shared PowerPoint skill pipeline - Brought to you by microsoft/hve-core
Decision-driven installer for HVE-Core with 6 clone-based installation methods, extension quick-install, environment detection, and agent customization workflows - Brought to you by microsoft/hve-core
| name | owasp-top-10 |
| description | OWASP Top 10 for Web Applications (2025) vulnerability knowledge base for identifying, assessing, and remediating security risks in web application environments - Brought to you by microsoft/hve-core. |
| license | CC-BY-SA-4.0 |
| user-invocable | false |
| metadata | {"authors":"OWASP Web Application Security Project","spec_version":"1.0","framework_revision":"1.0.0","last_updated":"2026-02-13","skill_based_on":"https://github.com/chris-buckley/agnostic-prompt-standard","content_based_on":"https://owasp.org/Top10/2025/"} |
This SKILL.md is the entrypoint for the OWASP Top 10 skill.
The skill encodes the OWASP Top 10 for Web Applications (2025) as structured, machine-readable references that an agent can query to identify, assess, and remediate web application security risks.
SKILL.md — this file (skill entrypoint).references/ — the Web Top 10 normative documents.
00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.01 through 10 — one document per vulnerability aligned with OWASP Web Application Security numbering.Copyright © OWASP Foundation. OWASP® Top 10 (2025) content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://owasp.org/Top10/2025/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.
🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.