MCP HubMCP Hub
Zurück zu Fähigkeiten

Analyzing Security Headers

jeremylongshore
Aktualisiert Yesterday
65 Ansichten
712
74
712
Auf GitHub ansehen
Metawordaiautomation

Über

Diese Fähigkeit analysiert automatisch die HTTP-Sicherheitsheader einer Website, um Schwachstellen und Fehlkonfigurationen zu identifizieren. Sie liefert einen detaillierten Bericht mit einer Bewertung, einer Punktzahl und umsetzbaren Empfehlungen zur Verbesserung. Entwickler sollten sie nutzen, wenn sie die Sicherheitslage einer Domain überprüfen oder auf headerbezogene Sicherheitsprobleme prüfen müssen.

Schnellinstallation

Claude Code

Empfohlen
Primär
npx skills add jeremylongshore/claude-code-plugins-plus
Plugin-BefehlAlternativ
/plugin add https://github.com/jeremylongshore/claude-code-plugins-plus
Git CloneAlternativ
git clone https://github.com/jeremylongshore/claude-code-plugins-plus.git ~/.claude/skills/Analyzing Security Headers

Kopieren Sie diesen Befehl und fügen Sie ihn in Claude Code ein, um diese Fähigkeit zu installieren

Dokumentation

Overview

This skill allows Claude to automatically analyze a website's HTTP security headers and provide a comprehensive report. It identifies missing or misconfigured headers and offers actionable recommendations to improve security posture.

How It Works

  1. Receives URL: Claude receives a URL or domain name from the user.
  2. Analyzes Headers: The plugin fetches the HTTP headers from the specified URL and analyzes them against security best practices.
  3. Generates Report: The plugin generates a detailed report, including a security grade, score, and specific recommendations for missing or misconfigured headers.

When to Use This Skill

This skill activates when you need to:

  • Analyze the security posture of a website.
  • Identify missing or misconfigured HTTP security headers.
  • Get recommendations for improving website security.
  • Audit a website for compliance with security best practices.

Examples

Example 1: Security Audit

User request: "Analyze the security headers for example.com"

The skill will:

  1. Fetch the HTTP headers from example.com.
  2. Analyze the headers for common security vulnerabilities.
  3. Generate a report outlining the security grade, score, and any identified issues with recommendations.

Example 2: Quick Security Check

User request: "Check HTTP security for mywebsite.net"

The skill will:

  1. Fetch the HTTP headers from mywebsite.net.
  2. Analyze the headers for common security vulnerabilities.
  3. Generate a report outlining the security grade, score, and any identified issues with recommendations.

Best Practices

  • Prioritize HSTS: Ensure HSTS is properly configured to prevent downgrade attacks.
  • Implement CSP: Start with a strict Content Security Policy to mitigate XSS vulnerabilities.
  • Regularly Scan: Schedule regular scans to identify new vulnerabilities and misconfigurations.

Integration

This skill can be used in conjunction with other security plugins to provide a more comprehensive security assessment. For example, it can be paired with a vulnerability scanner to identify both header-related and code-level vulnerabilities.

GitHub Repository

jeremylongshore/claude-code-plugins-plus
Pfad: backups/plugin-enhancements/plugin-backups/security-headers-analyzer_20251019_143714/skills/skill-adapter
aiautomationclaude-codedevopsmarketplacemcp

Verwandte Skills

content-collections

Meta

This skill provides a production-tested setup for Content Collections, a TypeScript-first tool that transforms Markdown/MDX files into type-safe data collections with Zod validation. Use it when building blogs, documentation sites, or content-heavy Vite + React applications to ensure type safety and automatic content validation. It covers everything from Vite plugin configuration and MDX compilation to deployment optimization and schema validation.

Skill ansehen

himalaya-email-manager

Kommunikation

This Claude Skill enables email management through the Himalaya CLI tool using IMAP. It allows developers to search, summarize, and delete emails from an IMAP account with natural language queries. Use it for automated email workflows like getting daily summaries or performing batch operations directly from Claude.

Skill ansehen

sglang

Meta

SGLang is a high-performance LLM serving framework that specializes in fast, structured generation for JSON, regex, and agentic workflows using its RadixAttention prefix caching. It delivers significantly faster inference, especially for tasks with repeated prefixes, making it ideal for complex, structured outputs and multi-turn conversations. Choose SGLang over alternatives like vLLM when you need constrained decoding or are building applications with extensive prefix sharing.

Skill ansehen

evaluating-llms-harness

Testen

This Claude Skill runs the lm-evaluation-harness to benchmark LLMs across 60+ standardized academic tasks like MMLU and GSM8K. It's designed for developers to compare model quality, track training progress, or report academic results. The tool supports various backends including HuggingFace and vLLM models.

Skill ansehen