Browse Source

fix(skills): Stamp OWASP Top 10 (2021) revision across security-ops

Co-Authored-By: Claude <noreply@anthropic.com>
0xDarkMatter 2 weeks ago
parent
commit
6d92fa795b

+ 3 - 1
skills/security-ops/SKILL.md

@@ -12,6 +12,8 @@ metadata:
 
 Orchestrator for security auditing. Detects project stack inline, dispatches three parallel audit agents (dependency, SAST, auth/config review), consolidates into a severity-ranked OWASP-mapped report.
 
+> Findings map to the **OWASP Top 10 (2021)** revision; a newer revision may exist — re-verify the current list at owasp.org.
+
 ## Architecture
 
 ```
@@ -36,7 +38,7 @@ User requests security audit or mentions security concern
     |       |       +---> Session, CSRF, CORS, CSP, JWT, OAuth, rate limiting, env vars
     |       |       +---> Report: finding, severity, OWASP category, remediation
     |       |
-    |       +---> Consolidate: deduplicate, rank by severity, map to OWASP Top 10
+    |       +---> Consolidate: deduplicate, rank by severity, map to OWASP Top 10 (2021)
     |
     +---> T3: Remediate (dispatch general-purpose + skill preload, foreground + confirm)
             +---> Agent proposes specific fixes

+ 3 - 1
skills/security-ops/references/audit-quickref.md

@@ -2,7 +2,9 @@
 
 Essential security patterns for rapid triage during code review and audit.
 
-## OWASP Top 10 Quick Reference
+## OWASP Top 10 (2021) Quick Reference
+
+> A newer OWASP revision may exist — re-verify the current list at owasp.org.
 
 | Rank | Vulnerability | Prevention |
 |------|--------------|------------|

+ 2 - 2
skills/security-ops/references/owasp-detailed.md

@@ -1,6 +1,6 @@
-# OWASP Top 10 Detailed Guide
+# OWASP Top 10 (2021) Detailed Guide
 
-In-depth coverage of OWASP Top 10 2021 vulnerabilities.
+In-depth coverage of OWASP Top 10 (2021) vulnerabilities; a newer revision may exist — re-verify the current list at owasp.org.
 
 ## A01: Broken Access Control