StackHawk Documentation StackHawk Logo HawkDocs
ai security
agent skills
copilot

No results found

Try different keywords or check your spelling

Search documentation

Find guides, API references, and more

esc

GitHub Copilot

GitHub Copilot auto-discovers agent skills from standard directories in your user profile or project. Install the StackHawk skills once and they’re available across every project you work on.

Install StackHawk skills to your user profile so they’re available in every project:

# Clone the skills repo
git clone https://github.com/stackhawk/agent-skills.git /tmp/stackhawk-skills

# Install StackHawk skills to your personal skills directory
bash /tmp/stackhawk-skills/scripts/install.sh --platform copilot --target ~

# Clean up
rm -rf /tmp/stackhawk-skills
# Clone the skills repo
git clone https://github.com/stackhawk/agent-skills.git $env:TEMP\stackhawk-skills

# Install StackHawk skills to your personal skills directory
& "$env:TEMP\stackhawk-skills\scripts\install.ps1" -Platform copilot

# Clean up
Remove-Item -Recurse -Force "$env:TEMP\stackhawk-skills"

CMD users: use PowerShell (built into Windows 10+) or WSL.

Skills installed to ~/.agents/skills/ are discovered by Copilot, Claude Code, and other tools that follow the shared agents convention.

export HAWK_API_KEY=hawk.xxxxxxxxxxxxxxxxxxxx
$env:HAWK_API_KEY = "hawk.xxxxxxxxxxxxxxxxxxxx"

CMD users: use PowerShell (built into Windows 10+) or WSL.

Check your directory structure — after install, you should see:

~/.agents/skills/
├── hawkscan/
│   ├── SKILL.md
│   └── references/
└── stackhawk-api/
    ├── SKILL.md
    └── references/

In VS Code: Open GitHub Copilot → Configure Skills. Both hawkscan and stackhawk-api should appear in the list.

Ask Copilot: "What StackHawk skills do you have?" — the response should mention both the HawkScan DAST skill and the StackHawk API skill.

Ask Copilot to scan your application:

Scan my app running on localhost:8080 for security vulnerabilities
  • Install once, scan everywhere: Personal skills in ~/.agents/skills/ are available across all your projects
  • Multi-tool support: ~/.agents/skills/ works across Copilot, Claude Code, and other tools that follow the shared agents convention
  • Team distribution: For team-wide rollout, add skills to .github/skills/ in your repos
  • Custom locations: Configure additional skill directories via the chat.skillsLocations setting in VS Code
  • The agent checks if your app is running and will prompt you to start it if needed

Your privacy settings

We use first and third party cookies to ensure that we give you the best experience on our website and in our products.

Privacy Policy