jeremylongshore/claude-code-plugins-plus-skills
security-headers-analyzer
plugins/security/security-headers-analyzer/skills/analyzing-security-headers/SKILL.md
February 1, 2026
Select agents to install to:
npx add-skill https://github.com/jeremylongshore/claude-code-plugins-plus-skills/blob/main/plugins/security/security-headers-analyzer/skills/analyzing-security-headers/SKILL.md -a claude-code --skill analyzing-security-headersInstallation paths:
.claude/skills/analyzing-security-headers/# Analyzing Security Headers
## Overview
This skill provides automated assistance for the described functionality.
## Prerequisites
Before using this skill, ensure:
- Target URL or domain name is accessible
- Network connectivity for HTTP requests
- Permission to scan the target domain
- Optional: Save results to {baseDir}/security-reports/
## Instructions
1. Collect the target URL/domain and environment context (CDN/proxy, redirects).
2. Fetch response headers (HTTP/HTTPS) and capture redirects/cookies.
3. Compare headers to recommended baselines and score gaps.
4. Provide concrete remediation steps and verify fixes.
See `{baseDir}/references/implementation.md` for detailed implementation guide.
## Output
The skill produces:
**Primary Output**: Security headers analysis report
**Report Structure**:
```
# Security Headers Analysis - example.com
## Error Handling
See `{baseDir}/references/errors.md` for comprehensive error handling.
## Examples
See `{baseDir}/references/examples.md` for detailed examples.
## Resources
- OWASP Secure Headers Project: https://owasp.org/www-project-secure-headers/
- MDN Security Headers Guide: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers#security
- Security Headers Scanner: https://securityheaders.com/
- CSP Reference: https://content-security-policy.com/
- HSTS Preload: https://hstspreload.org/