Security Audit And Vulnerability Scanning

What it does

This skill performs security audits and vulnerability scans on provided URLs or code snippets. It identifies potential weaknesses, such as outdated software versions, common vulnerabilities (like SQL injection or cross-site scripting), and misconfigurations. The results are presented in a structured format highlighting the severity of each identified issue.

When to use it

• Website Security Check: Before launching a new website or application, assess its security posture.
• Code Review: Identify potential vulnerabilities during code development or review processes.
• Penetration Testing Preparation: Gather initial vulnerability data before conducting more in-depth penetration testing.
• Compliance Audits: Assist with demonstrating adherence to security standards and regulations.

Key capabilities

• URL scanning for web application vulnerabilities
• Code snippet analysis for potential flaws
• Identification of common vulnerability types (e.g., SQL injection, XSS)
• Structured reporting of findings including severity levels

Example prompts

• "Scan this URL for vulnerabilities: https://example.com"
• "Perform a security audit on this Python code snippet: [code]"
• "Find any potential SQL injection flaws in the following PHP code."

Tips & gotchas

The accuracy of the scan depends on the complexity and obscurity of the target system or code. This skill is best used as an initial assessment tool, not a replacement for comprehensive security testing performed by human experts.