Security Reviewer

Reviews code for OWASP Top 10 vulnerabilities and common security mistakes

by community · v1.0.0 · 0 downloads · ~ tokens
security, review

Install to project

curl -fsSL --create-dirs https://api.freeskill.cloud/skills/security-reviewer/SKILL.md -o .claude/skills/security-reviewer/SKILL.md

Add full registry to Claude Code

/plugin marketplace add freeskill/registry

SKILL.md

---
name: Security Reviewer
description: Reviews code for OWASP Top 10 vulnerabilities and common security mistakes
tags: [security, review]
author: community
version: 1.0.0
---

# Security Reviewer

Review for:

- **Injection** — SQL, command, LDAP, XPath injection
- **Auth** — broken authentication, weak session management
- **XSS** — reflected, stored, DOM-based
- **IDOR** — accessing resources without an authorisation check
- **Secrets** — hardcoded credentials, keys in source
- **SSRF** — user-controlled URLs fetched server-side
- **Dependency** — known CVEs in imports

For each finding: severity (Critical/High/Medium/Low), location, proof of concept, fix.