Get the FREE Ultimate OpenClaw Setup Guide →

cyber-owasp-review

npx machina-cli add skill 0x-Professor/Agent-Skills-Hub/cyber-owasp-review --openclaw
Files (1)
SKILL.md
882 B

Cyber OWASP Review

Overview

Normalize application security findings into OWASP categories and produce remediation actions.

Workflow

  1. Ingest raw findings from scanners, tests, or reviews.
  2. Map findings to OWASP categories using keyword and context matching.
  3. Aggregate findings by category and severity.
  4. Produce category-specific remediation checklist output.

Use Bundled Resources

  • Run scripts/map_findings_to_owasp.py for deterministic mapping.
  • Read references/owasp-mapping-guide.md for category heuristics.

Guardrails

  • Keep guidance remediation-focused.
  • Do not provide exploit payloads or offensive attack playbooks.

Source

git clone https://github.com/0x-Professor/Agent-Skills-Hub/blob/main/skills/cyber-owasp-review/SKILL.mdView on GitHub

Overview

Cyber OWASP Review normalizes application security findings into OWASP Top 10 categories and generates remediation actions for each category. This structured output supports normalized AppSec reviews and enables category-level prioritization across scanner results, tests, and reviews. It helps teams communicate risk consistently to stakeholders.

How This Skill Works

Raw findings from scanners, tests, or reviews are ingested, then mapped to OWASP categories using keyword and context matching. Findings are aggregated by category and severity, and a category-specific remediation checklist output is produced.

When to Use It

  • When consolidating scanner outputs (DAST/SAST) into a standardized OWASP-based report.
  • During penetration testing to map findings to OWASP categories for prioritization.
  • When multiple tools use different vocabularies, to harmonize into OWASP categories.
  • For creating normalized AppSec review outputs for audits or executive dashboards.
  • When you need category-specific remediation checklists to drive fixes.

Quick Start

  1. Step 1: Ingest raw findings from scanners, tests, or reviews.
  2. Step 2: Run scripts/map_findings_to_owasp.py to map findings to OWASP categories.
  3. Step 3: Aggregate by category and severity and produce category-specific remediation checklists.

Best Practices

  • Reference the OWASP mapping guide to ensure category heuristics are consistent.
  • Ingest diverse inputs (scanners, tests, reviews) to improve mapping coverage.
  • Run deterministic mapping with scripts/map_findings_to_owasp.py for repeatable results.
  • Aggregate by category and severity before generating remediation outputs.
  • Keep all guidance remediation-focused; avoid exploit payloads or offensive content.

Example Use Cases

  • Quarterly AppSec report mapping DAST/SAST findings to OWASP Top 10 categories with category-specific remediations.
  • Consolidated findings from multiple tools harmonized to OWASP categories for executive dashboards.
  • Pentest results mapped to OWASP categories and translated into remediation checklists prioritized by risk.
  • SAST findings mapped by keyword/context and aggregated by severity to drive fixes.
  • Audit-ready reports with normalized OWASP-aligned results used for compliance reviews.

Frequently Asked Questions

Add this skill to your agents
Sponsor this space

Reach thousands of developers