Summary
This is a structured workflow for testing web apps against OWASP Top 10 vulnerabilities, broken into seven phases from reconnaissance through reporting. It chains together specialist skills like sql-injection-testing, xss-html-injection, and idor-testing with copy-paste prompts at each stage. Honestly most useful as a checklist to make sure you're not skipping categories during a pentest or bug bounty session. The phase structure keeps you methodical, which matters when you're context-switching between injection types and access control issues. Assumes you already have the component skills installed and know enough about web security to interpret what Claude finds.
Install to Claude Code
npx -y skills add sickn33/antigravity-awesome-skills --skill web-security-testing --agent claude-codeInstalls into .claude/skills of the current project.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Files
SKILL.md
Select a file.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
