owasp-top-10-web

SKILL.md

OWASP Top 10:2021 — Web Application Security Review

When to Use

If a target is provided via arguments, focus the review on: $ARGUMENTS

Invoke this skill when:

  • Reviewing web application source code for security vulnerabilities.
  • Auditing server or framework configurations (e.g., Express, Django, Rails, Spring Boot, ASP.NET).
  • A user requests a "security review," "pentest prep," or "OWASP check" against a web application.
  • Evaluating pull requests that touch authentication, authorization, input handling, cryptography, or external integrations.
  • Assessing a new web project's architecture for secure design principles before implementation begins.

Do not use this skill for mobile-only, IoT firmware, or non-web API reviews — use a domain-specific skill instead.

Context

The OWASP Top 10:2021 is the authoritative awareness document for web application security. It represents broad consensus on the most critical security risks to web applications, derived from CWE data mapped across hundreds of organizations. Each category aggregates multiple CWEs under a unifying risk theme.

First Seen: May 4, 2026
owasp-top-10-web — unitoneai/securityskills