octopus-security-audit

OWASP compliance, vulnerability scanning, and penetration testing

Packaged view

This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars: 1,584.

Hot score: 99.

Updated: March 20, 2026.

Overall rating: C (4.0).

Composite score: 4.0.

Best-practice grade: A (88.0).

Install command

npx @skill-hub/cli install nyldn-claude-octopus-octopus-security-audit

Repository

nyldn/claude-octopus

Skill path: skills/octopus-security-audit

Best for

Primary workflow: Run DevOps.

Technical facets: Full Stack, Security, Testing.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: nyldn.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install octopus-security-audit into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/nyldn/claude-octopus before adding octopus-security-audit to shared team environments
  • Use octopus-security-audit for development workflows

Works across

Claude Code, Codex CLI, Gemini CLI, OpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: octopus-security-audit
version: 1.0.0
description: OWASP compliance, vulnerability scanning, and penetration testing
---

# Security Audit Skill

Invokes the security-auditor persona for thorough security analysis during the `ink` (deliver) phase.

## Usage

```bash
# Via orchestrate.sh
${CLAUDE_PLUGIN_ROOT}/scripts/orchestrate.sh spawn security-auditor "Scan for SQL injection vulnerabilities"

# Via auto-routing (detects security intent)
${CLAUDE_PLUGIN_ROOT}/scripts/orchestrate.sh auto "security audit the payment processing module"
```

## Capabilities

- OWASP Top 10 vulnerability detection
- SQL injection and XSS scanning
- Authentication/authorization review
- Secrets and credential detection
- Dependency vulnerability assessment
- Security configuration review

## Persona Reference

This skill wraps the `security-auditor` persona defined in:
- `agents/personas/security-auditor.md`
- CLI: `codex-review`
- Model: `gpt-5.2-codex`
- Phases: `ink`
- Expertise: `owasp`, `vulnerability-scanning`, `security-review`

## Example Prompts

```
"Scan for hardcoded credentials in the codebase"
"Check for CSRF vulnerabilities in form handlers"
"Review the API authentication implementation"
"Analyze the encryption at rest configuration"
```