advisory-mininglisted

Mine GitHub Security Advisories and CVE databases for incomplete fixes, finding variant vulnerabilities in patched code or similar patterns in related packages.
Liaabnormal676/find-cve-agent · ★ 0 · AI & Automation · score 75

Install: claude install-skill Liaabnormal676/find-cve-agent

# Advisory Mining -- Finding Incomplete Fixes ## When to Use Looking for high-acceptance-rate findings. Incomplete fix variants have ~95% acceptance rate because: 1. The vulnerability class is already acknowledged 2. The fix proves the maintainer cares about security 3. The variant proves the fix was insufficient ## Process ### Step 1: Find Recent Advisories ```bash # GitHub Advisory API -- recent npm advisories gh api graphql -f query=' { securityAdvisories(first: 20, orderBy: {field: PUBLISHED_AT, direction: DESC}, ecosystem: NPM) { nodes { ghsaId summary severity publishedAt vulnerabilities(first: 5) { nodes { package { name ecosystem } vulnerableVersionRange firstPatchedVersion { identifier } } } } } }' # Search by keyword gh api "/advisories?ecosystem=npm&keyword=injection&per_page=20" gh api "/advisories?ecosystem=pip&keyword=traversal&per_page=20" ``` ### Step 2: Read the Patch Diff For each advisory: 1. Find the fix commit (linked in the advisory or CHANGELOG) 2. Read the diff carefully 3. Ask: what did they fix? What did they NOT fix? ```bash # Find security-related commits git log --oneline --all | grep -i "security\|fix\|vuln\|CVE\|patch\|sanitize" # Read the patch git show <commit_hash> git diff <before_commit>..<fix_commit> ``` ### Step 3: Check for Incomplete Fix Patterns Common incomplete fixes: | What Was Fixed | What Was Missed | |---------------|-------