moai-ref-owasp-checklist
FeaturedOWASP Top 10 security checklist, authentication patterns, input validation, and HTTP security headers reference. Agent-extending skill that amplifies backend-implementation and security-audit workflows with production-grade security patterns. NOT for: frontend UI, DevOps deployment, performance optimization, testing strategy.
Install
Quality Score: 99/100
Skill Content
Details
- Author
- modu-ai
- Repository
- modu-ai/moai-adk
- Created
- 9 months ago
- Last Updated
- today
- Language
- Go
- License
- Apache-2.0
Integrates with
Similar Skills
Semantically similar based on skill content — not just same category
security-checklist
OWASP-based security checklist any agent can reference when reviewing or writing code
moai-ref-llm-security
AI/LLM defensive security reference: prompt-injection defense, OWASP LLM Top 10 defensive mapping, MCP and agentic tool-call hardening, training-data poisoning detection, model-output validation and guardrails, MITRE ATLAS defensive correlation, and NIST AI RMF governance. Agent-extending skill that amplifies backend, security, and AI-application engineering with production-grade defensive patterns for LLM-backed systems. NOT for: offensive techniques (jailbreak authoring, attack-payload crafting, red-team exploitation), model training or fine-tuning methodology, prompt optimization for capability, web-app OWASP Top 10 (see moai-ref-owasp-checklist), or general API design (see moai-ref-api-patterns).
moai-ref-secops
DevSecOps, container, and API operational defensive security reference: CI/CD pipeline hardening, secret scanning, IaC misconfiguration detection, SAST/DAST integration, container image scanning, Kubernetes RBAC hardening, container-escape defense, runtime threat detection, OWASP API Top 10 operational defense, WAF rule tuning, and GraphQL/REST depth and rate limiting. Agent-extending skill that amplifies backend, security, and platform-engineering work with production-grade defensive patterns for pipelines, containers, and running APIs. NOT for: offensive techniques (exploit execution, container-escape attack steps, privilege-escalation procedures, attack tooling), dev-time web-app OWASP Top 10 (see moai-ref-owasp-checklist), LLM/AI security (see moai-ref-llm-security), supply-chain provenance and signing (see moai-ref-supply-chain), or general API design (see moai-ref-api-patterns).