agentskills.codes
SE

Use when performing security audits, threat modeling, vulnerability assessments, or dependency reviews. Provides OWASP checklists, STRIDE templates, vulnerability report structures, and dependency audit formats.

Install

mkdir -p .claude/skills/security-ivegamsft && curl -L -o skill.zip "https://agentskills.codes/api/skills/download/15838" && unzip -o skill.zip -d .claude/skills/security-ivegamsft && rm skill.zip

Installs to .claude/skills/security-ivegamsft

Activation

This is the description your AI agent reads to decide when to run this skill — the better it matches your request, the more reliably it fires.

Use when performing security audits, threat modeling, vulnerability assessments, or dependency reviews. Provides OWASP checklists, STRIDE templates, vulnerability report structures, and dependency audit formats.
211 chars✓ has a “when” trigger

About this skill

Security Skill

Use this skill when the task involves auditing code for security vulnerabilities, modeling threats, reviewing dependencies for known CVEs, or enforcing secure coding standards.

When to Use

  • Performing an OWASP Top 10 review on an application
  • Conducting STRIDE threat modeling for a new feature or architecture change
  • Scanning for hardcoded secrets or credentials in source code
  • Auditing dependency manifests for known vulnerabilities
  • Documenting security findings in a structured vulnerability report
  • Reviewing code for secure coding compliance

How to Invoke

Reference this skill by attaching skills/security/SKILL.md to your agent context, or instruct the agent:

Use the security skill. Apply the OWASP checklist and STRIDE threat model template to the modules being audited.

Templates in This Skill

TemplatePurpose
owasp-checklist.mdOWASP Top 10 evaluation checklist with pass/fail tracking per category
stride-threat-model-template.mdSTRIDE threat modeling template for enumerating and rating threats per component
vulnerability-report-template.mdStructured vulnerability report for compiling all findings with severity ratings
dependency-audit-template.mdDependency audit template for documenting CVEs, affected packages, and remediation

Agent Pairing

This skill is designed to be used alongside the security-analyst agent. The agent drives the audit workflow; this skill provides the reference templates and checklists.

For backend-specific security concerns, pair with the backend-dev agent's security defaults. For frontend-specific concerns (CSP, XSS, CORS), pair with the frontend-dev agent.

Related Guardrails

  • Security Findings Triage — SLA-based triage process for severity classification, ownership, and remediation tracking

Search skills

Search the agent skills registry