Stats
Actions
Tags
From oh-my-secuaudit
DAST/ASM workflow for external asset discovery, probing, and scanning with SARIF output. Use for runtime/endpoint-based assessments and asset management scanning.
How this skill is triggered — by the user, by Claude, or both
Slash command
/oh-my-secuaudit:sec-audit-dastThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run DAST/ASM pipelines (URL track and IP track) and produce SARIF outputs for findings. Use this when scanning live targets or external surfaces.
agents/openai.yamlreferences/asm_csv.mdreferences/asm_scripts.mdreferences/asm_sources.mdreferences/reporting_summary.mdreferences/sarif_conversion.mdreferences/severity_criteria.mdreferences/severity_criteria_detail.mdschemas/finding_schema.jsonschemas/reporting_summary_schema.jsonschemas/task_output_schema.jsonscripts/asm_findings_to_csv.pyscripts/generate_reporting_summary.pyscripts/sarif_from_csv.pyRun DAST/ASM pipelines (URL track and IP track) and produce SARIF outputs for findings. Use this when scanning live targets or external surfaces.
references/asm_sources.md for canonical docs and process context.references/asm_scripts.md for the script entrypoints.references/asm_csv.md for CSV extraction from ASM outputs.references/sarif_conversion.md for CSV->SARIF conversion when needed.references/severity_criteria.md plus references/severity_criteria_detail.md for risk mapping.references/reporting_summary.md for the cross-skill summary index format.provenance with one of binary-confirmed|source-confirmed|runtime-confirmed|not-confirmedimpacted_flow with one or more architecture flow IDs (F1, F2, ...).sarif) per scan batch.references/severity_criteria.md and detailed criteria in references/severity_criteria_detail.md.schemas/reporting_summary_schema.json in this skill directory.schemas/task_output_schema.json and schemas/finding_schema.json.references/asm_sources.mdreferences/asm_scripts.mdreferences/asm_csv.mdreferences/sarif_conversion.mdreferences/severity_criteria.mdreferences/severity_criteria_detail.mdreferences/reporting_summary.mdscripts/asm_findings_to_csv.pyscripts/sarif_from_csv.pyscripts/generate_reporting_summary.pyschemas/reporting_summary_schema.jsonschemas/task_output_schema.jsonschemas/finding_schema.jsonnpx claudepluginhub windshock/oh-my-secuaudit --plugin oh-my-secuauditProvides CDSS development patterns for drug interaction checking, dose validation, clinical scoring (NEWS2, qSOFA), and alert classification integrated into EMR workflows.