Agent Skills

StackHawk agent skills are instruction sets that teach AI coding agents how to run security scans, parse findings, fix vulnerabilities, and verify fixes. Install a skill and your agent gains full runtime security testing capability — no separate tools, no context switching.

How Agent Skills Work

When you install a StackHawk agent skill, your AI coding agent learns how to:

1. Configure — Generate a stackhawk.yml config file based on your app type, host, and auth pattern
2. Scan — Run HawkScan against your running application
3. Parse — Read structured JSON findings with vulnerability type, severity, affected path, and method
4. Fix — Remediate vulnerabilities directly in your codebase (parameterized queries, output encoding, security headers, etc.)
5. Verify — Rescan to confirm all fixes are effective

When you finish building a feature, the agent automatically runs this loop — “done” means “done and secure.”

Supported Platforms

Prerequisites

• An AI coding agent
• A StackHawk account (Secure, Scale, or Vibe)
• A StackHawk API key (generate at app.stackhawk.com → Settings → API Keys)
• hawk CLI v5.5.11 or later — see Install and Run HawkScan for signed installers (macOS .pkg, Windows .msi, Linux .zip) or Homebrew. Verify with hawk version.
• hawkop CLI — required by the API skill to interact with the StackHawk Platform. See Downloads for all platforms for signed installers (macOS .pkg, Windows .msi, Linux .zip) or Homebrew.
• An application running locally that the scanner can reach and it’s source code so the agent can FIX the found issues.

Two Skills Included

The StackHawk agent skills package includes two skills:

Skill	Purpose
HawkScan	Configure, run, and interpret security scans. Fix vulnerabilities and verify fixes.
StackHawk API	Query the StackHawk platform for security posture, findings reports, scan history, and triage status.