OWASP® Top 10 — Skill Entry

This SKILL.md is the entrypoint for the OWASP Top 10 skill.

The skill encodes the OWASP Top 10 for Web Applications (2025) as structured, machine-readable references that an agent can query to identify, assess, and remediate web application security risks.

Normative references (Web Top 10)

1. 00 Vulnerability Index
2. 01 Broken Access Control
3. 02 Security Misconfiguration
4. 03 Software Supply Chain Failures
5. 04 Cryptographic Failures
6. 05 Injection
7. 06 Insecure Design
8. 07 Authentication Failures
9. 08 Software or Data Integrity Failures
10. 09 Security Logging and Alerting Failures
11. 10 Mishandling of Exceptional Conditions

Skill layout

• SKILL.md — this file (skill entrypoint).
• references/ — the Web Top 10 normative documents.
  • 00-vulnerability-index.md — index of all vulnerability identifiers, categories, and cross-references.
  • 01 through 10 — one document per vulnerability aligned with OWASP Web Application Security numbering.

Third-Party Attribution

Copyright © OWASP Foundation. OWASP® Top 10 (2025) content is derived from works by the OWASP Foundation, licensed under CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0/). Source: https://owasp.org/Top10/2025/ Modifications: Vulnerability descriptions restructured into agent-consumable reference documents with added detection and remediation guidance. OWASP® is a registered trademark of the OWASP Foundation. Use does not imply endorsement.

🤖 Crafted with precision by ✨Copilot following brilliant human instruction, then carefully refined by our team of discerning human reviewers.