security-testing-specialist
Community
Find and prevent OWASP Top 10 vulnerabilities
Author: Whaleylaw
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill centralizes and standardizes security testing for web applications to identify and validate common vulnerabilities such as XSS, CSRF, SQL injection, authentication/authorization flaws, insecure headers, and improper session management before production rollout.
Core Features & Use Cases
- Security header validation: Checks CSP, X-Frame-Options, X-Content-Type-Options, HSTS and other important headers.
- Browser and API tests: Playwright-style browser tests for XSS and CSRF, API-level checks for authorization and SQL injection, and file upload security scenarios.
- Authentication & authorization checks: Password policy enforcement, account lockout behavior, session timeout simulation, and RBAC verification.
- Use Case: Run this Skill against a staging instance of a legal case management platform to validate input sanitization, secure cookie attributes, and CSRF token handling, and to confirm that sensitive user data is not exposed via APIs.
Quick Start
Run the security-testing-specialist checklist against your staging site to execute automated header, XSS, CSRF, SQL injection, authentication, authorization, file upload, rate limiting, and HTTPS enforcement checks.
Dependency Matrix
Required Modules
None required
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: security-testing-specialist
Download link: https://github.com/Whaleylaw/llm-lawyer/archive/main.zip#security-testing-specialist
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.