Remote OpenClaw
Menu

42crunch-api-security-testing

claude-plugins-official

securityClaude Codeby 42Crunch

Summary

Automate API security directly in Claude Code with 42Crunch - automatically audit OpenAPI specs, detect vulnerabilities aligned with OWASP API Security risks (including BOLA/BFLA), and apply AI-powered fixes. Designed for AI-assisted development workflows, it provides continuous guardrails through an audit->scan->remediate->validate loop, ensuring APIs meet enterprise security standards before deployment.

Install to Claude Code

/plugin install 42crunch-api-security-testing@claude-plugins-official

Run in Claude Code. Add the marketplace first with /plugin marketplace add anthropics/claude-plugins-official if you haven't already.

README.md

42Crunch Claude Plugins

The official 42Crunch plugin marketplace for Claude Code — a catalog of AI-powered plugins that bring 42Crunch's API security capabilities directly into your Claude Code workflow.

42Crunch plugins give Claude the ability to audit OpenAPI specs, scan live APIs for vulnerabilities, and apply fixes to ensure APIs meet security guardrails.

Structure

.claude-plugin/
  marketplace.json              # Plugin registry manifest
docs/                           # Repository-level documentation assets
  images/                       # Screenshots and diagrams used in READMEs
plugins/                        # Claude plugins developed by 42Crunch
  api-security-testing/
    .claude-plugin/
      plugin.json               # Plugin metadata
    skills/                     # Skill definitions
    references/                 # Reference definitions
    README.md                   # Documentation
    LICENSE                     # License

Prerequisites

The Claude Code CLI is required to add marketplaces and install plugins using the claude CLI commands below.

Adding this Marketplace

Register the 42Crunch marketplace with Claude Code:

Using Claude Code CLI

claude plugin marketplace add https://github.com/42Crunch-AI/claude-plugins

Or Using an interactive Claude Code session

/plugin marketplace add https://github.com/42Crunch-AI/claude-plugins

Or Using Claude Code (for VSCode) plugin manager

1. Type /plugin and press Enter to open the plugin manager:

!Manage Plugins

2. On the Marketplaces tab, paste the 42Crunch marketplace URL:

  • https://github.com/42Crunch-AI/claude-plugins
  • Click Add to add the marketplace

!Add Marketplace

Available Plugins

42crunch-api-security-testing

AI-powered API security plugin backed by 42Crunch. Audit OpenAPI specs, detect OWASP API Security vulnerabilities (including BOLA/BFLA), run live conformance and authorization scans against running APIs, and apply AI-assisted fixes — all through natural language.

Install: After registering the marketplace (see above), install the plugin:

Using Claude Code CLI

claude plugin install 42crunch-api-security-testing@42crunch-marketplace

Or Using an interactive Claude Code session

/plugin install 42crunch-api-security-testing@42crunch-marketplace

Or Using Claude Code (for VSCode) plugin manager

1. On the Plugins tab, search for the 42Crunch plugin:

  • Type '42crunch' in the search bar
  • Click Install on the 42crunch-api-security-testing plugin

!Plugin Search

2. Choose the scope of the plugin installation (User, Project, Local):

!Plugin Install

3. Click Restart to apply the changes:

!Plugin Restart

See the plugin README for full documentation and RECIPES.md for common scenario guides.

Links

Related plugins

Browse all →

auth0

claude-plugins-official

Enterprise-grade auth, easy to implement. Add login, SSO, MFA, and access control to any app with framework-aware guidance.

Open plugin →

crowdstrike-falcon-foundry

claude-plugins-official

CrowdStrike Falcon Foundry development skills for building cybersecurity applications on the Falcon platform. Includes UI development, collections, functions, workflows, API integration, security patterns, and debugging workflows.

Open plugin →

duende-skills

claude-plugins-official

Duende development skills and agents for Claude Code — covering OAuth/OIDC protocols, IdentityServer, token management, ASP.NET Core authentication/authorization, BFF patterns, and secure identity architecture

Open plugin →

jfrog

claude-plugins-official

Use the JFrog Platform from Claude Code: Artifactory repos and artifacts, security findings and exposures, Catalog package safety and downloads, workflows across the SDLC, and platform administration.

Open plugin →

security-guidance

claude-plugins-official

Security review for Claude-generated code. Pattern-based warnings on edits, LLM-powered diff review on Stop, and an agentic commit reviewer that catches injection, XSS, SSRF, hardcoded secrets, and 25+ other vulnerability classes.

Open plugin →

semgrep

claude-plugins-official

Semgrep catches security vulnerabilities in real-time and guides Claude to write secure code from the start.

Open plugin →

Browse

Plugins by category

Other2041development375productivity237communication49design47security46database40workflow30compliance28product24data22bundle21