Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
Data sourced from ClawHub. View on ClawSkills
Select your agent
Option 1: Install via CLI (recommended)
Recommended (no pre-install needed)
npx clawhub@latest --dir ~/.claude/skills install pentestOr via clawhub CLI (if already installed)
clawhub --dir ~/.claude/skills install pentestβ οΈ Requires Node.js 18+. No Node? Use Option 2 below to download the ZIP instead. Install Node.js β
Option 2: Manual install (no Node required)
Download the ZIP, extract it, and place the folder at the path below. Restart your agent to activate.
Install path
~/.claude/skills/pentest/π‘Extract and place the folder at the path above, then restart your agent.
Category
π»Developer & DevOpsPlatforms
What security-reviewer can do for your AI workflow
When conducting security directly from your Claude conversation
Works across Claude, Cursor, OpenClaw β install once, use everywhere
Trusted by 5,901+ developers worldwide
One-command installation β no complex setup required
Combine with other skills to build powerful multi-step AI workflows
Try these prompts with your AI agent after installing security-reviewer
Help me get started with security-reviewer
Explains what security-reviewer does, walks through the setup, and runs a quick demo based on your current project
Use security-reviewer to use when conducting security audits, reviewing code for vulnerabili...
Invokes security-reviewer with the right parameters and returns the result directly in the conversation
What can I do with security-reviewer in my developer & devops workflow?
Lists the top use cases for security-reviewer, with example commands for each scenario
Guides & tutorials for AI skills
The 7 AI Skills Every Software Developer Should Have Installed in 2026
After testing dozens of developer-focused AI skills, these are the seven that have proven genuinely useful across different tech stacks and workflows β not just impressive demos, but tools that hold up under daily use.
MCP Skills vs Native Claude Tools: What's the Difference and When to Use Each
Claude comes with built-in capabilities, but MCP skills extend it in ways the base model can't. Here's a clear breakdown of what each type of tool is good for, with real examples of when to reach for a skill versus relying on Claude's native abilities.
security-reviewer extends your AI assistant with the ability to use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews. Rather than leaving your conversation to handle this manually, you can ask your Claude agent directly β and it will take care of the task end-to-end, using security-reviewer as its underlying capability.
security-reviewer works across Claude, Cursor, OpenClaw through the Model Context Protocol (MCP) β an open standard that lets AI clients share tools and skills without lock-in. Because MCP is platform-agnostic by design, you install security-reviewer once and it becomes available across all your AI clients. Whether you're working in Claude for focused sessions or Cursor for integrated workflows, the skill behaves consistently.
Getting started with security-reviewer takes about two minutes. Place the skill at `~/.claude/skills/pentest/` (personal, all projects) or `.claude/skills/pentest/` (project-specific), then restart your AI client. From that point, typing `/pentest` in any conversation activates it, or the AI will use it on its own when it detects a relevant request.
security-reviewer has been installed 5,901 times, making it one of the more actively used skills in the Developer & DevOps category. The install rate suggests it solves a real, recurring need rather than a niche edge case. Like all skills on DiscoverAISkills, it is free to install and use. The broader AI skills ecosystem continues to expand as developers contribute new capabilities across categories like developer tools, data analysis, writing, automation, and more.
Place the skill folder at ~/.claude/skills/pentest/ for personal use (all projects), or .claude/skills/pentest/ for project-specific use. Restart your AI client, then invoke with /pentest or let the AI discover it automatically.
security-reviewer supports Claude, Cursor, OpenClaw. It integrates seamlessly with these AI platforms to extend their capabilities.
security-reviewer is free to install. Check the repository for licensing information.
Use when conducting security audits, reviewing code for vulnerabilities, or analyzing infrastructure security. Invoke for SAST scans, penetration testing, DevSecOps practices, cloud security reviews.
Pentest Api Attacker
Test APIs against OWASP API Security Top 10 including discovery, auth abuse, and protocol-specific checks.
Pentest Auth Bypass
Test authentication and session management controls for bypass and account takeover scenarios.
Pentest Active Directory
Assess Active Directory identity attack paths including roasting, relay, and delegation abuse.
Automate my developer & devops tasks using security-reviewer
Identifies repetitive steps in your workflow and sets up security-reviewer to handle them automatically
security-reviewer is categorized under Developer & DevOps. These skills help AI agents perform specialized tasks in this domain.
Pentest C2 Operator
Set up authorized C2 simulation workflows and measure defensive detection outcomes.