vulnerability-scanner
Advanced vulnerability analysis aligned with OWASP 2025, supply chain threats, and risk prioritization frameworks.
- Covers OWASP Top 10:2025 including new categories for supply chain security (A03) and exceptional conditions (A10), with threat modeling questions and attack vector mapping
- Provides attack surface mapping methodology, CVSS/EPSS-based risk prioritization, and a four-phase scanning approach (reconnaissance, discovery, analysis, reporting)
- Includes code pattern analysis for high-risk constructs (injection, RCE, deserialization, path traversal) and secret detection indicators
- Offers security expert mindset principles (assume breach, zero trust, defense in depth, fail-secure) and cloud-specific responsibility checks for shared infrastructure models
Vulnerability Scanner
Think like an attacker, defend like an expert. 2025 threat landscape awareness.
Runtime Scripts
Execute for automated validation:
| Script | Purpose | Usage |
|---|---|---|
| scripts/security_scan.py | Validate security principles applied | python scripts/security_scan.py <project_path> |
Reference Files
| File | Purpose |
|---|---|
| checklists.md | OWASP Top 10, Auth, API, Data protection checklists |