cvecwe-database-skill

# CVE/CWE Database Skill ## Overview This skill provides CVE and CWE database querying, CVSS scoring, and vulnerability management capabilities. ## Capabilities - Query NVD for CVE details - Search CWE database for weaknesses - Calculate CVSS scores (v2, v3.1, v4) - Generate CVE request templates - Track CVE assignment status - Map vulnerabilities to CWE - Generate vulnerability advisories - Support CPE matching ## Target Processes - vulnerability-root-cause-analysis.js - responsible-disclosure.js - security-advisory-writing.js - variant-analysis.js ## Dependencies - NVD API access - CWE database (local or API) - cvss library (Python) - Python 3.x ## Usage Context This skill is essential for: - Vulnerability classification - CVSS score calculation - CVE request preparation - Advisory writing - Vulnerability tracking ## Integration Notes - Supports NVD API v2 - Can cache CVE data locally - Integrates with vulnerability management systems - Supports CPE-based vulnerability matching - Can generate machine-readable advisories (CSAF)