testing-security


Basic security testing (OWASP, auth, data exposure)

By OzeroHAX. Updated 2/16/2026

name: testing-security
description: Basic security testing (OWASP, auth, data exposure)

- Authorization model and roles
- List of critical endpoints/functions
- Data classification and risk areas
- Allowed check set and environment
- Access to logs/monitoring and request-id

- Verify authn/authz for each role and forbidden path
- Verify session management (expiration, logout, refresh)
- Verify input validation (XSS/SQLi) without destroying data
- Verify CSRF for state-changing operations (if applicable)
- Verify rate limiting and abuse blocking
- Check data leaks in responses, logs, and errors

- Broken access control
- Authentication failures
- Security misconfiguration
- Data exposure (PII/secrets)
- Validation and injection vulnerabilities

- All steps are reproducible and documented
- Role, token, and request context are stated
- Evidence exists (request/response, request-id)
- Risk assessment is tied to data and roles

- Do not run security tests without permission
- Do not test production without permission
- Do not perform destructive actions and mass deletions
- Do not extract or store real user data

- Verify User role access to an Admin resource (must be forbidden)
- Verify session expiration and inaccessibility after logout
- Verify handling of dangerous characters in input fields

Install via CLI
npx skills add https://github.com/OzeroHAX/AssistAgents --skill testing-security
Repository Details
Stars: 34
Forks: 7
Branch: main
Path: SKILL.md