Skip to content

agamm/claude-code-owasp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.claude/skills/owasp-security
.claude/skills/owasp-security
 
 
LICENSE
LICENSE
 
 
OWASP-2025-2026-Report.md
OWASP-2025-2026-Report.md
 
 
README.md
README.md
 
 

Repository files navigation

OWASP Security Skill for Claude Code

A Claude Code skill providing the latest OWASP security best practices (2025-2026) for developers building secure applications.

Quick Install (One Line)

Add this skill to any project with a single command:

curl -sL https://raw.githubusercontent.com/agamm/claude-code-owasp/main/.claude/skills/owasp-security/SKILL.md -o .claude/skills/owasp-security/SKILL.md --create-dirs

Or install globally for all projects:

curl -sL https://raw.githubusercontent.com/agamm/claude-code-owasp/main/.claude/skills/owasp-security/SKILL.md -o ~/.claude/skills/owasp-security/SKILL.md --create-dirs

What's Included

Claude Code Skill

Location: .claude/skills/owasp-security/SKILL.md

  • OWASP Top 10:2025 quick reference table
  • Security code review checklists for input handling, auth, access control, data protection, and error handling
  • Secure code patterns with unsafe/safe examples
  • OWASP Agentic AI Security (2026) - ASI01-ASI10 risks for AI agent systems
  • ASVS 5.0 key requirements by verification level
  • Language-specific security quirks for 20+ languages with deep analysis guidance

Research Report

Location: OWASP-2025-2026-Report.md

Comprehensive documentation covering all OWASP 2025-2026 standards.

Usage

Once installed, Claude Code automatically activates this skill when you:

  • Review code for security vulnerabilities
  • Implement authentication or authorization
  • Handle user input or external data
  • Work with cryptography or password storage
  • Design API endpoints
  • Build AI agent systems

Example Prompts

"Review this code for security issues"
"Is this authentication implementation secure?"
"What are the security risks in this Python code?"
"Help me implement secure session management"
"Check this AI agent for OWASP agentic risks"

Covered Standards

Standard Version Focus
OWASP Top 10 2025 Web application vulnerabilities
OWASP ASVS 5.0.0 Security verification requirements
OWASP Agentic 2026 AI agent security risks

Language Coverage

Security quirks for 20+ languages including:

Web Systems Mobile Scripting
JavaScript/TypeScript C/C++ Swift Python
PHP Rust Kotlin Ruby
Java Go Dart Perl
C# Shell

Each language section includes common vulnerabilities, unsafe/safe code patterns, and key functions to watch for.

Alternative Installation

Clone Full Repository

git clone https://github.com/agamm/claude-code-owasp.git
cp -r claude-code-owasp/.claude/skills/owasp-security YOUR_PROJECT/.claude/skills/

Contributing

Contributions welcome! Please:

  1. Fork the repository
  2. Create a feature branch
  3. Submit a pull request

Sources

License

MIT License - See LICENSE file for details.

Keywords: OWASP, security, Claude Code, AI security, application security, ASVS, secure coding, vulnerability, injection, XSS, CSRF, authentication, authorization

About

Claude Code skill for OWASP security best practices (2025-2026). Includes Top 10:2025, ASVS 5.0, Agentic AI security, and 20+ language-specific security quirks.

Topics

security owasp vulnerability appsec secure-coding claude asvs ai-security claude-code claude-skills

Resources

Readme

License

MIT license
Activity

Stars

125 stars

Watchers

1 watching

Forks

13 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors