api-mitmproxy

This skill uses Spectral to lint and validate API specifications (OpenAPI, AsyncAPI, Arazzo) for security flaws and design issues. It checks against standards like OWASP API Top 10 and allows custom rule creation for governance. Use it to enforce security and design policies directly within your API development and CI/CD pipelines.

This skill performs fast vulnerability scanning using Nuclei's template-based approach to detect CVEs, OWASP Top 10 issues, and misconfigurations across web apps and APIs. It's ideal for rapid security testing, CI/CD pipeline integration, and scanning multiple targets with customizable severity thresholds. Developers can also create custom templates for organization-specific security patterns.

This Claude Skill performs Software Composition Analysis (SCA) using Synopsys Black Duck to scan dependencies for vulnerabilities, license risks, and supply chain threats. It maps findings to CVE, CWE, and OWASP frameworks and provides remediation guidance. Use it for continuous dependency monitoring in CI/CD pipelines and to assess open-source security and compliance.

This skill performs static application security testing using Semgrep to scan code for vulnerabilities across multiple languages. It enables pattern-based security reviews, CI/CD integration, and provides remediation guidance mapped to OWASP and CWE frameworks. Developers can also create custom security rules for organization-specific patterns and analyze dependencies.