Resolve common penetration testing issues in Ark. Use when fixing security vulnerabilities from pentest reports, security audits, or OWASP Top 10 issues.
76
66%
Does it follow best practices?
Impact
96%
1.04x
Average score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./.claude/skills/pentest-issue-resolver/SKILL.md
Python deserialization and secrets exposure fixes
Parameterized SQL query: 100%, 100%
No f-string SQL: 100%, 100%
yaml.safe_load used: 80%, 100%
Pickle replaced with JSON: 100%, 100%
No password in logs: 100%, 100%
Generic DB error message: 100%, 100%
API_KEY from environment: 100%, 100%
DB_PASS from environment: 100%, 100%
Report documents findings: 100%, 100%
Report documents fixes: 100%, 100%
Next.js security headers and XSS mitigation
innerHTML replaced: 100%, 100%
DOMPurify used: 0%, 0%
dangerouslySetInnerHTML sanitized: 100%, 100%
X-Frame-Options header: 100%, 100%
X-Content-Type-Options header: 100%, 100%
Strict-Transport-Security header: 100%, 100%
Content-Security-Policy header: 100%, 100%
Referrer-Policy header: 100%, 100%
Headers on all routes: 100%, 100%
changes.md documents both areas: 100%, 100%
Command injection, path traversal, and SSRF fixes
No os.system with user input: 100%, 100%
subprocess list args: 100%, 100%
No shell=True: 100%, 100%
Path basename stripping: 62%, 100%
Path abspath + startswith check: 100%, 100%
URL scheme validation: 100%, 100%
Private IP blocked: 33%, 100%
Rate limiting applied: 100%, 100%
400 for invalid input: 100%, 100%
security_notes documents all issues: 100%, 100%
f4bfd2d