Claude Code
Install
/plugin marketplace add stackhawk/agent-skills
/plugin install hawkscan@stackhawk
/plugin install api@stackhawk
Set Your API Key
export HAWK_API_KEY=hawk.xxxxxxxxxxxxxxxxxxxx
Verify
After installation, ask Claude: “What StackHawk skills do you have?” It should describe the HawkScan scanning skill and API reporting skill.
Usage
Ask Claude to scan your application:
Scan my app running on localhost:8080 for security vulnerabilities
Claude will generate a stackhawk.yml config if one doesn’t exist, validate it, run the scan, and present findings. When you finish building a feature, Claude automatically runs a security scan, fixes any findings, and rescans to verify.
Tips
- The agent checks if your app is running and will prompt you to start it if needed
- For authenticated endpoints, tell Claude your auth pattern (e.g., “my app uses JWT bearer tokens”) and it will configure the scan accordingly
- Use hawk validate config stackhawk.yml to debug config issues
- The --json-output flag is used automatically for structured findings parsing
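For reference when reviewing the config Claude generates, here is a minimal stackhawk.yml for the JWT bearer case mentioned in the tips. It is an added example, not output from the plugin or StackHawk's own file; the application ID placeholder, the AUTH_TOKEN variable name, the /api/me path and the indicator patterns are assumptions to replace with your own values.

```yaml
# Illustrative stackhawk.yml for an app on localhost:8080 that uses JWT bearer tokens.
# Placeholder and hypothetical values are marked; replace them with your own.
app:
  applicationId: 00000000-0000-0000-0000-000000000000  # placeholder: your StackHawk application ID
  env: Development
  host: http://localhost:8080
  authentication:
    # The token is read from the environment so it is never committed with the config.
    external:
      type: TOKEN
      value: ${AUTH_TOKEN}        # hypothetical environment variable name
    # Send the token as "Authorization: Bearer <token>" on every request.
    tokenAuthorization:
      type: HEADER
      value: Authorization
      tokenType: Bearer
    # The scanner requests this path first to confirm the token is accepted.
    testPath:
      path: /api/me               # hypothetical authenticated endpoint
      success: ".*200.*"
    # Response patterns used to tell an authenticated session from an expired one;
    # the values below are permissive placeholders, tighten them for your app.
    loggedInIndicator: ".*"
    loggedOutIndicator: "^$"
```

After any manual edit, run hawk validate config stackhawk.yml before scanning.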