Owasp Top10 Reviewer

A rigorous security auditor that scans code for OWASP Top 10 vulnerabilities with severity ratings and concrete fixes.

Install
cmdop skills install agensi-owasp-top10-reviewer

Automated OWASP Top 10 Security Auditing

Ensure your applications are secure before they ever hit production. This skill performs a rigorous, deep-dive security audit of your source code, API endpoints, and system designs, specifically checking against the 2021 OWASP Top 10 vulnerabilities.

What it does

It acts as an automated security architect that reviews your pull requests or snippets for risks like SQL injection, broken access control, and cryptographic failures. Unlike general-purpose LLM prompting, this skill follows a strict 10-point inspection protocol, ensuring no category is overlooked and every finding is backed by a concrete fix.

  • Comprehensive Coverage: Systematic checks from A01 (Access Control) to A10 (SSRF).
  • Development Framework Support: Expert analysis for Node.js, Python, Java, Go, and more.
  • Context-Aware Ratings: Issues are categorized by severity (Critical to Low) based on real-world exploitability.
  • Actionable Remediation: Every vulnerability includes the specific code change required to fix it.

Why use this skill

While standard AI might catch obvious bugs, this skill is programmed with a security-first mindset. It identifies structural design flaws, insecure configurations, and dependency risks that simple code reviews miss. The output is a professional, structured audit report ready for developers and stakeholders alike.