Summary
This is the defensive counterpart to pentest skills: it teaches you how to write code that resists exploitation rather than how to break into systems. It covers the full stack of application-layer defenses from classic web vulnerabilities (SQLi, XSS, IDOR, BOLA) through modern auth flows (OAuth 2.0, OIDC, JWT handling) to LLM-specific threats like prompt injection and RAG poisoning. The philosophy is builder-focused with a strong emphasis on observability: every fix must include detection signals and regression tests, not just patches. Use this when reviewing pull requests for security issues, hardening authentication flows, or designing guardrails for AI features. It explicitly delegates offensive testing to pentest skills and infrastructure hardening to provisioning skills, staying focused on application code you control.
Install to Claude Code
npx -y skills add telagod/code-abyss --skill defending-applications --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →First SeenJun 11, 2026
