Skip to main content

owasp-asi

OWASP Top 10 for Agentic Applications 2026 (ASI) classification framework. Use for mapping security findings to standardized risk categories.

v1.0.0New
0

Unsigned, install at your own risk

Unverified

This skill has no cryptographic signature attached. We can't verify the contents match what the publisher intended.

Install this skill

Run this command in your terminal. No account required — it auto-detects your AI tool and installs the skill file.

npx @skills-hub-ai/cli install tencent-ai-infra-guard-owasp-asi
Or download directly:
Browse all CLI commands →

Setup by platform

Claude Code

~/.claude/skills/<skill>/SKILL.md

Setup guide →

Install

One-click setup for your editor

Run in your project root

npx @skills-hub-ai/cli install tencent-ai-infra-guard-owasp-asi --target claude-code

Instructions

This skill doesn’t include stateful context yet, instructions only. Learn about stateful skills.

Security

Loading security scan...

Reviews (0)

Browse all
aig-agent-redteam当用户要求 AI/Agent 安全评估、蓝军演习、AI 安全审查、提示词注入测试、MCP/Skill/插件/代码包审计、Agent 工具链滥用测试,或需要生成类似渗透测试报告的 Markdown/HTML 时,必须使用本 skill。本 skill 让 Agent 以授权蓝军视角成为 AI 安全专家,面向 AI 产品、Agent、MCP Server、Skill、代码仓库和 AI 基础设施进行安全演习。优先使用第一性原理推理和真实证据,而不是机械跑 payload 库;脚本只用于 HTTP 指纹识别、证据聚合、报告渲染等确定性辅助任务。0 installsedgeone-clawscanThe first security skill to install after setting up OpenClaw — powered by Tencent Zhuque Lab. Works like an antivirus for your AI environment: audits installed skills, scans skills before installation, and performs a full OpenClaw security health check to prevent data leaks and privacy risks. Backed by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). Use when the user asks to start a security health check or security scan for the current OpenClaw environment, such as `开始安全体检`, `做一次安全体检`, `开始安全扫描`, `全面安全检查`, or `检查 OpenClaw 安全`; also use when the user asks to audit a specific skill before installation, review installed skills for supply chain risk, or investigate whether a skill is safe. Do not trigger for general OpenClaw usage, project debugging, environment setup, or normal development requests. Optional cloud mode: set AIG_CLOUD_LOOKUP=off for zero outbound HTTPS; when enabled, only skill_name, source label, and OpenClaw version are sent to A.I.G (never skill bodies, chats, or workspace 0 installstool-abuse-detectionDetect tool misuse and unexpected code execution via dialogue testing. Use when the agent exposes file, code-execution, or network tools.0 installsmemory-poisoning-detectionDetect persistent instruction injection or long-term memory poisoning. Focus on writing/retaining hostile instructions for future tasks, not data leakage.0 installsindirect-injection-detectionDetect indirect prompt injection (goal hijack). Instructions hidden in "external" content (documents, RAG, web) that the agent processes. Use when the agent has document/RAG/web/file input.0 installsedgeone skill scannerScan any agent skill for security risks before you install or use it. Powered by Tencent Zhuque Lab A.I.G (AI-Infra-Guard). 100% local static analysis — no file contents or credentials leave your device. Compatible with CodeBuddy, Cursor, Windsurf, Claude Code, OpenClaw and more. Triggers on: `这个 skill 安全吗`, `skill 安全扫描`, `检查 skill 安全`, `audit skill`, `scan skill`, `check skill safety`, `analyze skill`, `inspect skill`, `verify skill`, `skill security`, `skill supply chain`. Do NOT trigger for general agent usage, full system health checks, project debugging, or normal development.0 installs

More from Tencent AI-Infra-Guard

View source

More Build skills

Browse category
ui-design-systemUI design system toolkit for Senior UI Designer including design token generation, component documentation, responsive design calculations, and developer handoff tools. Use for creating design systems, maintaining visual consistency, and facilitating design-dev collaboration.43 installsself-improving-agentCurate Claude Code's auto-memory into durable project knowledge. Analyze MEMORY.md for patterns, promote proven learnings to CLAUDE.md and .claude/rules/, extract recurring solutions into reusable skills. Use when: (1) reviewing what Claude has learned about your project, (2) graduating a pattern from notes to enforced rules, (3) turning a debugging solution into a skill, (4) checking memory health and capacity.29 installssenior-frontendFrontend development skill for React, Next.js, TypeScript, and Tailwind CSS applications. Use when building React components, optimizing Next.js performance, analyzing bundle sizes, scaffolding frontend projects, implementing accessibility, or reviewing frontend code quality.15 installsfrontend-designGuidance for distinctive, intentional visual design when building new UI or reshaping an existing one. Helps with aesthetic direction, typography, and making choices that don't read as templated defaults.14 installsusing-superpowersUse when starting any conversation - establishes how to find and use skills, requiring skill invocation before ANY response including clarifying questions14 installssenior-backendDesigns and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database migrations", or "load test APIs". Covers Node.js/Express/Fastify development, PostgreSQL optimization, API security, and backend architecture patterns.11 installs

Frequently asked questions about owasp-asi

What does the owasp-asi skill do?

OWASP Top 10 for Agentic Applications 2026 (ASI) classification framework. Use for mapping security findings to standardized risk categories. It's a reusable SKILL.md instruction set that loads into your AI coding assistant on demand, no prompt engineering, no copy-pasting every session.

How do I install the owasp-asi skill?

Run `npx @skills-hub-ai/cli install tencent-ai-infra-guard-owasp-asi` from your terminal. The CLI writes the SKILL.md to the correct location for your AI tool (e.g. ~/.claude/skills/tencent-ai-infra-guard-owasp-asi/ for Claude Code or ~/.cursor/skills/ for Cursor with --target cursor) and adds it to your project's .skills.json lockfile.

Which AI tools does owasp-asi work with?

owasp-asi runs in Claude Code. It follows the open Agent Skills standard (SKILL.md), so the same skill works in every supported tool without modification.

Is the owasp-asi skill free?

Yes. Every skill on skills-hub.ai is free and open-source. There are no premium tiers, paywalls, or usage limits. You only pay for whatever AI assistant you're already using.

How do I use owasp-asi after installing it?

In Claude Code, type `/tencent-ai-infra-guard-owasp-asi` (or whatever slash command the skill registers) and the AI follows the skill's instructions immediately. You can also reference it by name in natural language, your AI loads the skill into context when relevant.

Can I share the owasp-asi skill with my team?

Yes. Commit your project's .skills.json lockfile and teammates run `npx @skills-hub-ai/cli install` (no args) to install every skill at the exact version you pinned. Organization-scoped installs work via skills-hub.ai organizations.