I am on the Pro Plan and recently switched from the free plan to build a small business website. I was trying to run a security check using the prompt below (made by Claude) to check security before I publish my website. I run this in the morning to make sure I have full free daily tokens for this, as I expected it might take quite a few, but I did not expect that one prompt would eat up the entire daily quota and leave it unfinished. This is frustrating. What am I doing wrong? Is there a configuration I should set up to make my Claude code more efficient? Help Run a comprehensive cybersecurity audit on my website. Do the following automatically without any user interaction: Reconnaissance & Discovery — Enumerate all publicly accessible endpoints, open ports, and exposed services. Vulnerability Scanning — Test for OWASP Top 10 vulnerabilities including SQL injection, XSS, CSRF, SSRF, broken authentication, security misconfigurations, and insecure deserialization. Header & TLS Analysis — Check HTTP security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy) and validate TLS/SSL configuration (protocol versions, cipher suites, certificate validity). Dependency Audit — Scan all project dependencies for known CVEs using the relevant package manager (npm audit, pip-audit, composer audit, etc.). Authentication & Session Security — Evaluate password policies, session handling, token expiration, cookie flags (HttpOnly, Secure, SameSite), and rate limiting on auth endpoints. Static Code Analysis — Review source code for hardcoded secrets, insecure API calls, improper input validation, and unsafe file handling. Output a structured report with: A severity-ranked list of all findings (Critical / High / Medium / Low / Informational) A concrete remediation for each issue with code fixes or configuration changes A summary scorecard of the site’s overall security posture Apply all safe, non-destructive fixes automatically where possible and flag anything that requires manual review. submitted by /u/mspforyou
Originally posted by u/mspforyou on r/ClaudeCode
You must log in or # to comment.