Security Scanner — OWASP Top 10:2025

Performs a systematic security audit of any codebase against all 10 OWASP 2025 categories. Produces a structured markdown report with severity ratings, code locations, and actionable remediation guidance.

Execution Flow

Follow these four steps in order. Do not skip any step.

Step 1: Detect Project Context

Determine whether you are working within an existing project or a blank workspace.

Check for source code by looking for common project indicators:

• package.json, requirements.txt, go.mod, pom.xml, Cargo.toml, Gemfile, *.csproj, composer.json
• Or any src/, app/, lib/ directory containing code files

If source code is found: Use the current working directory as the analysis target. Proceed to Step 2.