Skills
.Work. You
Rest

x-run-dynamic-pentest

Community

Gate DAST tests with ZAP & Nuclei.

Software Engineering#security#ci-cd#gate#zap#nuclei#dast#sarif
Authoredercnj
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill orchestrates dynamic security testing gates by reading quality.dast, selecting a scan tier (smoke for PR gates or full for nightly runs), and dispatching OWASP ZAP and Nuclei against the configured non-production target. It generates a SARIF 2.1.0 report plus a Markdown summary to inform developers and gatekeepers.

Core Features & Use Cases

  • Tiered testing: supports smoke and full scans, enabling fast PR checks or comprehensive nightly scans.
  • Integrated reporting: emits SARIF results and a Markdown summary for easy review.
  • Guardrails: enforces non-production targets and validates tool availability before execution.

Quick Start

Trigger the x-run-dynamic-pentest gate with a STORY-ID to run DAST scans against a non-production target and generate a SARIF report.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: x-run-dynamic-pentest
Download link: https://github.com/edercnj/ia-dev-environment/archive/main.zip#x-run-dynamic-pentest

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.