security-testing
Conducts security testing for vulnerabilities using OWASP principles, ensuring robust authentication and authorization practices.
Security score: 72/100
The security-testing skill was audited on Feb 28, 2026 and we found 8 security issues across 3 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 85
Template literal with variable interpolation in command context
Source: SKILL.md
| 85 | const response = await api.get(`/orders/${userBOrder.id}`, { |
medium line 86
Template literal with variable interpolation in command context
Source: SKILL.md
| 86 | headers: { Authorization: `Bearer ${userAToken}` } |
medium line 95
Template literal with variable interpolation in command context
Source: SKILL.md
| 95 | headers: { Authorization: `Bearer ${userToken}` } |
medium line 105
Template literal with variable interpolation in command context
Source: SKILL.md
| 105 | const response = await api.get(`/products?search=${malicious}`); |
medium line 147
Template literal with variable interpolation in command context
Source: SKILL.md
| 147 | expect((await fetch(`https://example.com${ep}`)).status).not.toBe(200); |
low line 145
Access to .env file
Source: SKILL.md
| 145 | const endpoints = ['/debug', '/.env', '/.git', '/admin']; |
low line 147
External URL reference
Source: SKILL.md
| 147 | expect((await fetch(`https://example.com${ep}`)).status).not.toBe(200); |
low line 212
External URL reference
Source: SKILL.md
| 212 | run: docker run owasp/zap2docker-stable zap-baseline.py -t https://staging.example.com |
Scanned on Feb 28, 2026
GitHub Stars: 22
Rating: 4.01
Category: development
Updated: May 13, 2026
mattnigh/skills_collection