vulnerability-scanning--assessment

Solid

Dependency auditing, CVE detection, configuration security review, CVSS scoring, and prioritized vulnerability reporting

Data & Documents 47 stars 3 forks Updated today MIT


Quality Score: 89/100

Stars (20%): 56
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 100
Description (5%): 100

Skill Content

# Vulnerability Scanning & Assessment

## Purpose

Enable Claude to perform comprehensive vulnerability assessments by directly analyzing dependency files, configuration files, and scan output — then generating prioritized, actionable reports. Claude identifies vulnerabilities, calculates risk, and prescribes remediation with version specifics.

---

## Activation Triggers

This skill activates when the user asks about:

- Scanning dependencies for known CVEs
- Auditing `requirements.txt`, `package.json`, `go.mod`, `pom.xml`, `Cargo.toml`
- Reviewing server configurations for security issues
- CVSS scoring or severity calculation
- Vulnerability assessment or security audit reports
- Checking software versions against known exploits
- Configuration hardening for nginx, Apache, SSH, Docker, Kubernetes
- NVD, OSV, or CVE database queries

---

## Prerequisites

```bash
pip install requests packaging jinja2 pyyaml
```

**Optional enhanced tools:**

- `nuclei` — Template-based vulnerability scanner
- `trivy` — Container and filesystem scanner
- `nmap` with NSE scripts — Network vuln scanning
- `openvas` — Full vulnerability management

---

## Core Capabilities

### 1. Dependency Vulnerability Auditing

Claude can directly read and analyze dependency files:

**When the user asks to audit dependencies:**

1. **Read the dependency file** using Claude's Read tool or ask the user to paste it
2. **Identify package manager** from file format:
   - `requirements.txt` / `Pipfile.lock` / `p...

Details

Author: Masriyan
Repository: Masriyan/Claude-Code-CyberSecurity-Skill
Created: 3 months ago
Last Updated: today
Language: Python
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

scanning-for-vulnerabilities

This skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. It identifies security vulnerabilities in code, dependencies, and configurations, including CVE detection. Use this skill when the user asks to scan for vulnerabilities, security issues, or CVEs in their project. Trigger phrases include "scan for vulnerabilities", "find security issues", "check for CVEs", "/scan", or "/vuln". The plugin performs static analysis, dependency checking, and configuration analysis to provide a detailed vulnerability report.

2,266 Updated today
jeremylongshore
DevOps & Infrastructure Listed

security-analyzer

Comprehensive security vulnerability analysis for codebases and infrastructure. Scans dependencies (npm, pip, gem, go, cargo), containers (Docker, Kubernetes), cloud IaC (Terraform, CloudFormation), and detects secrets exposure. Fetches live CVE data from OSV.dev, calculates risk scores, and generates phased remediation plans with TDD validation tests. Use when users mention security scan, vulnerability, CVE, exploit, security audit, penetration test, OWASP, hardening, dependency audit, container security, or want to improve security posture.

335 Updated today
aiskillstore
AI & Automation Solid

vulnerability-scanner

Security vulnerability scanning for dependencies and code, with CVE database checking and risk assessment

1,034 Updated today
a5c-ai
AI & Automation Solid

analyzing-dependencies

This skill analyzes project dependencies for security vulnerabilities, outdated packages, and license compliance issues. It helps identify potential risks in your project's dependencies using the dependency-checker plugin. Use this skill when you need to check dependencies for vulnerabilities, identify outdated packages that need updates, or ensure license compatibility. Trigger phrases include "check dependencies", "dependency check", "find vulnerabilities", "scan for outdated packages", "/depcheck", and "license compliance". This skill supports npm, pip, composer, gem, and go modules projects.

2,266 Updated today
jeremylongshore
AI & Automation Solid

performing-security-audits

This skill allows Claude to conduct comprehensive security audits of code, infrastructure, and configurations. It leverages various tools within the security-pro-pack plugin, including vulnerability scanning, compliance checking, cryptography review, and infrastructure security analysis. Use this skill when a user requests a "security audit," "vulnerability assessment," "compliance review," or any task involving identifying and mitigating security risks. It helps to ensure code and systems adhere to security best practices and compliance standards.

2,266 Updated today
jeremylongshore