integrating-dast-with-owasp-zap-in-pipeline

Integrates OWASP ZAP for dynamic application security testing in CI/CD pipelines, enhancing security through automated scans.

Security score: 75/100

The integrating-dast-with-owasp-zap-in-pipeline skill was audited on Jun 5, 2026 and we found 13 security issues across 3 threat categories. Review the findings below before installing.

Security Issues

medium line 56

Template literal with variable interpolation in command context

Source: SKILL.md
56: ```yaml
medium line 100

Template literal with variable interpolation in command context

Source: SKILL.md
100: ```yaml
medium line 77

Curl to non-GitHub URL

Source: SKILL.md
77: options: --health-cmd="curl -f http://localhost:8080/health" --health-interval=10s --health-timeout=5s --health-retries=5
low line 77

External URL reference

Source: SKILL.md
77: options: --health-cmd="curl -f http://localhost:8080/health" --health-interval=10s --health-timeout=5s --health-retries=5
low line 85

External URL reference

Source: SKILL.md
85: target: 'http://webapp:8080'
low line 110

External URL reference

Source: SKILL.md
110: target: ${{ github.event.inputs.target_url || 'https://staging.example.com' }}
low line 136

External URL reference

Source: SKILL.md
136: target: 'https://staging.example.com/api/openapi.json'
low line 172

External URL reference

Source: SKILL.md
172: test: ["CMD", "curl", "-f", "http://localhost:8080/health"]
low line 183

External URL reference

Source: SKILL.md
183: -t http://webapp:8080
low line 236

External URL reference

Source: SKILL.md
236: Target: https://staging.example.com
low line 249

External URL reference

Source: SKILL.md
249: URL: https://staging.example.com/search?q=<script>
low line 254

External URL reference

Source: SKILL.md
254: URL: https://staging.example.com/api/v1/*
low line 258

External URL reference

Source: SKILL.md
258: URL: https://staging.example.com/
Scanned on Jun 5, 2026