Discover and explore top open-source AI tools and projects—updated daily.
agammOWASP security standards for AI and application development
Top 93.1% on SourcePulse
This project provides a Claude Code skill designed to integrate the latest OWASP security best practices (2025-2026) directly into developer workflows. It targets developers using Claude Code, offering immediate access to comprehensive security standards and language-specific guidance to build more secure applications.
How It Works
The skill operates within the Claude Code environment, leveraging its progressive disclosure model. A core SKILL.md file provides quick references for OWASP Top 10:2025, ASVS 5.0, LLM Application security, and Agentic AI security. Additional detailed information, including language-specific security quirks and code examples, is loaded on demand from the reference/ directory. This approach ensures efficient access to relevant security information without overwhelming the user, facilitating context-aware code reviews and secure coding practices.
Quick Start & Requirements
Installation is straightforward using Node.js's npx with degit to copy the GitHub subdirectory: npx degit agamm/claude-code-owasp/.claude/skills/owasp-security .claude/skills/owasp-security. Alternatively, the entire repository can be cloned via git clone https://github.com/agamm/claude-code-owasp.git and the relevant directory copied. The primary requirement is a functional Claude Code environment. No other non-default prerequisites like specific hardware or datasets are mentioned.
Highlighted Details
Maintenance & Community
Contributions are welcomed and can be submitted via pull requests following standard GitHub fork-and-branch workflows. The project is hosted on GitHub at https://github.com/agamm/claude-code-owasp.git. No specific community channels like Discord or Slack are listed in the README.
Licensing & Compatibility
The project is released under the permissive MIT License. This license allows for broad use, modification, and distribution, including integration into commercial and closed-source applications without significant restrictions.
Limitations & Caveats
The primary limitation is its dependency on the Claude Code platform; it cannot be used as a standalone tool. While it provides extensive guidance, developers remain responsible for implementing and verifying security measures. No alpha status or known bugs are mentioned.
1 week ago
Inactive