Security Headers Auditor Your site passes all the security scanners until someone iframes it, injects a script through an open CDN source in your CSP, or steals credentials from a page with no HSTS preload. This skill fetches your response headers, grades each security header against OWASP and Mozilla Observatory standards, and gives you the exact config line to add to nginx, Apache, Next.js, or Cloudflare Workers. Works against any URL via curl. Zero external API. --- Trigger Phrases - "security headers", "check my headers", "http headers audit" - "CSP audit", "content security policy" - "HS…