Security Testing & Verification

Automated and manual security tests for web apps: CSRF, rate limiting, input validation, security headers and pre-deployment checklist.

triggers:security testingtest securitypre-deploymentverify securitytest CSRFtest rate limitsecurity checklist

GitHub SKILL.md

What it does

This skill provides a structured security-testing workflow for web applications, including automated scripts and manual checks that verify CSRF protection, rate limiting, input validation, security headers, authentication/authorization, and dependency vulnerabilities. It collates test commands, expected outputs, and a pre-deployment checklist to ensure security controls are working before release.

When to use it

Use this skill before deployments, during CI/CD security jobs, or when auditing an application for common web vulnerabilities. Triggers include pre-deployment testing, regression testing after security fixes, or a quick checklist run when onboarding a repo.

What's included

Scripts: references to rate-limit and security-test scripts (documented in the SKILL.md).
References: guidance on external scanners (securityheaders.com, Mozilla Observatory, SSL Labs) and OWASP testing practices.
Instructions: step-by-step commands for testing rate limits, CSRF behavior, input validation (XSS/email/length checks), security headers, authentication/authorization cases, dependency audits (npm audit) and CI integration.

Compatible agents

Best suited for agents and CI runners that can execute shell/node scripts and parse outputs: Claude Code, Copilot/Codex-style code runners, and CI automation agents. It assumes access to the repo and a testable deployment or local server.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: secure-claude-skills
Stars: 7
Installs: 0

Related Skills

Development Worktree

Create an isolated git worktree for feature work, auto-run project setup, and verify a clean test baseline before development.

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Full Stack Builder

End-to-end builder that scaffolds, implements, tests, and optionally deploys web and API applications from a natural-language specification.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Anima Rate Limits

Patterns and code for throttling Anima API code-generation calls, batching node processing, and handling 429s with progressive backoff for design-system scale w

SWE-AF — Autonomous Software Engineering Fleet

Orchestrates a coordinated multi-agent engineering workflow to plan, implement, test, and merge production-grade changes across single or multiple repositories.

Back to Skills

Security Testing & Verification

from secure-claude-skills7

Automated and manual security tests for web apps: CSRF, rate limiting, input validation, security headers and pre-deployment checklist.

triggers:security testingtest securitypre-deploymentverify securitytest CSRFtest rate limitsecurity checklist

GitHub SKILL.md

What it does

When to use it

What's included

Scripts: references to rate-limit and security-test scripts (documented in the SKILL.md).
References: guidance on external scanners (securityheaders.com, Mozilla Observatory, SSL Labs) and OWASP testing practices.
Instructions: step-by-step commands for testing rate limits, CSRF behavior, input validation (XSS/email/length checks), security headers, authentication/authorization cases, dependency audits (npm audit) and CI integration.

Compatible agents

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: secure-claude-skills
Stars: 7
Installs: 0

Related Skills

Development Worktree

Create an isolated git worktree for feature work, auto-run project setup, and verify a clean test baseline before development.

TradeOS

Natural-language driven CEX trading and portfolio management for agents: API key vaulting, multi-exchange orders, DCA, arbitrage scanning, alerts and security r

Full Stack Builder

End-to-end builder that scaffolds, implements, tests, and optionally deploys web and API applications from a natural-language specification.

Java 25 & Spring Boot 4 Code Reviewer

Run focused, evidence-based code reviews for Java 25 and Spring Boot 4 projects — migration risks, architecture boundaries, null-safety (JSpecify), security, an

ArcKit — French Public Procurement (fr-marche-public)

Generates French public procurement (Dossier de Consultation des Entreprises) drafts aligned with the Code de la Commande Publique, UGAP frameworks, and DINUM d

Speak Security Basics

Security best practices for integrating Speak: API key management, audio data privacy, student data protection, and COPPA/FERPA compliance for production deploy

Anima Rate Limits

Patterns and code for throttling Anima API code-generation calls, batching node processing, and handling 429s with progressive backoff for design-system scale w

SWE-AF — Autonomous Software Engineering Fleet

Orchestrates a coordinated multi-agent engineering workflow to plan, implement, test, and merge production-grade changes across single or multiple repositories.

Security Testing & Verification

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills

Security Testing & Verification

What it does

When to use it

What's included

Compatible agents

Tags

Not yet audited

Information

Related Skills