Security Audit
OWASP security audit patterns for PHP applications.
Installation
Pick the route that fits your project; all of them lead to the same skill.
- Claude Code, via this marketplace: /plugin install security-audit@netresearch-claude-code-marketplace
- npx, any Agent Skills CLI: npx skills add https://github.com/netresearch/security-audit-skill --skill security-audit
  Universal Agent Skills CLI from skills.sh; works in Claude Code, Cursor, GitHub Copilot, Codex, Gemini CLI and 30+ other agents.
- composer require, PHP project, as a package: composer require netresearch/security-audit-skill
  Requires netresearch/composer-agent-skill-plugin, which integrates Agent Skills into PHP projects as Composer dependencies, detects skills automatically and generates AGENTS.md.
- composer skills:add, PHP project, direct source: composer skills:add github:netresearch/security-audit-skill
  Provided by netresearch/composer-agent-skill-plugin, which pins skill repos directly without publishing to Packagist and persists them in composer.skills.lock.
What you use the skill for
- Vulnerability Assessment: XXE injection, SQL injection, XSS, CSRF, command injection, path traversal, file upload vulnerabilities, insecure deserialization, SSRF, type juggling, SSTI, JWT flaws, LDAP injection, email header injection, session fixation
- Risk Scoring: CVSS v3.1 and v4.0 scoring methodology, risk matrix assessment, impact and likelihood analysis, prioritization frameworks
- Secure Coding: Input validation, output encoding, cryptographic best practices (sodium), session management, authentication patterns, security headers
- Standards Compliance: OWASP Top 10, CWE Top 25 (2025), OWASP ASVS v4.0, Proactive Controls — applicable to any project
- PHP/TYPO3 Deep Scanning: 80+ automated checkpoints, PHP 8.x security features, framework patterns (TYPO3, Symfony, Laravel)
- DevSecOps: CI/CD security pipeline, SAST, dependency scanning, supply chain security, SLSA
What the skill expects in the project
- Add the Netresearch marketplace once, then browse and install skills: