Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.
- Source URLs
- https://owasp.org/www-project-web-security-testing-guide/stable/, https://github.com/JSONbored/awesome-claude/blob/main/content/rules/security-auditor.mdx
- Safety notes
- Only assess, scan, or test systems you own or are explicitly authorized to test; unauthorized penetration testing or exploitation is illegal., Treat any active scanning, exploitation, or DAST tooling as potentially destructive; run it against staging or scoped targets, never production without written authorization., Vulnerability findings and exploit details are sensitive; handle and disclose them responsibly rather than committing live exploits or unredacted reports.
- Privacy notes
- Security review reads source code, configuration, environment files, and logs that can contain secrets, API keys, tokens, credentials, and PII., Do not paste discovered secrets, customer data, or internal log contents into shared chats, issues, or public notes; redact before reporting., Scanned outputs and incident artifacts may carry user data subject to GDPR/CCPA; store and transmit them only through approved, access-controlled channels.
- Author
- JSONbored
- Claim status
- unclaimed
- Last verified
- 2025-09-15