vuln

# Vulnetix Vulnerability Lookup Skill This skill serves two purposes based on the argument provided: - **Vuln ID argument** (CVE-*, GHSA-*, PYSEC-*, etc.) --> retrieves detailed vulnerability intelligence and assesses its impact against the current repository - **Package name argument** (express, lodash, log4j-core, etc.) --> lists all known vulnerabilities for that package and identifies which ones affect your installed version **This skill does not modify application code** -- it only updates `.vulnetix/memory.yaml` to track findings. Use `/vulnetix:fix` for remediation, `/vulnetix:exploits` for exploit analysis, or `/vulnetix:remediation` for a context-aware remediation plan. ## Argument Detection Determine the mode from the argument: **Vuln lookup mode** -- argument matches any known vulnerability identifier pattern: - `CVE-*` (e.g., CVE-2021-44228) - `GHSA-*` (e.g., GHSA-jfh8-3a1q-hjz9) - `PYSEC-*`, `GO-*`, `RUSTSEC-*`, `EUVD-*`, `OSV-*`, `GSD-*`, `VDB-*`, `GCVE-*` - `SNYK-*`, `ZDI-*`, `MSCVE-*`, `MSRC-*`, `RHSA-*`, `TALOS-*`, `EDB-*` - `WORDFENCE-*`, `PATCHSTACK-*`, `MFSA*`, `JVNDB-*`, `CNVD-*`, `BDU:*`, `HUNTR-*` - `DSA-*`, `DLA-*`, `USN-*`, `ALSA-*`, `RLSA-*`, `MGASA-*`, `OPENSUSE-*`, `FreeBSD-*`, `BIT-*` The VDB accepts **78+ identifier formats** in total. **Package vulns mode** -- argument does not match any vuln-id pattern. Treat it as a package name. If ambiguous, prefer vuln lookup mode (vuln IDs are more structured). If the vuln lookup returns an error ...