This is a systematic security audit framework that walks you through OWASP Top 10 checks across 20 specific rules organized by severity. It covers the usual suspects: broken access control, injection flaws, cryptographic failures, plus things like SSRF, file upload validation, and security headers. Each rule includes bad versus good code examples in TypeScript showing exactly what to look for and how to fix it. The workflow is straightforward: scan by priority level (critical first), load the relevant rule files, document findings with file locations, then provide concrete remediation. Most useful right before production deployment or when auditing authentication flows and API endpoints. The examples are practical enough that you can adapt them directly rather than hunting through OWASP docs.
npx skills add https://github.com/sergiodxa/agent-skills --skill owasp-security-check