SSL audit
TLS/SSL security posture check: live certificate inspection, HTTP security headers, and CAA DNS records.
When to use this pack
Verifying a domain's TLS posture — cert validity, security headers, and who's authorized to issue certs.
Tools in this pack
-
TLS certificate
$0.003
POST /api/tls-cert
Inspect the TLS certificate of any public host: subject, issuer, validity window, days remaining, SANs, and SHA-256 fingerprint.
-
HTTP headers + security analysis
$0.003
POST /api/http-headers
Fetch a URL and return every response header plus a security analysis: HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, COOP/CORP/COEP. Scores 0–100 by presence, flags weak HSTS, and warns on Server/X-Powered-By identity leaks. SSRF-protected.
-
DNS lookup
$0.002
POST /api/dns-lookup
Resolve any DNS record type for a host: A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, SRV, PTR. Returns the records plus a count. Built on Node's native resolver — no external API.
Workflow
- Inspect the live TLS certificate — issuer, expiry, SANs, chain validity.
- Fetch HTTP response headers — HSTS, CSP, and other security headers.
- Check CAA DNS records to see which CAs are authorized to issue certs for this domain.
Run it in Claude
claude mcp add agent402 -s user -- npx -y agent402-mcp@latest
Then paste this prompt into Claude:
Run an SSL audit on stripe.com using Agent402's ssl-audit skill pack. Get (1) TLS cert details — issuer, expiry, SANs, (2) HTTP security headers — HSTS, CSP, (3) CAA DNS records. Flag any near-expiry or missing HSTS.
← All skill packs