Search Results: vulnerability-scanning

Found 64 Skills

security-check

Red-team security review for code changes. Use when reviewing pending git changes, branch diffs, or new features for security vulnerabilities, permission gaps, injection risks, and attack vectors. Acts as a pen-tester analyzing code.

🇺🇸|EnglishTranslated

Security & Complianceghostsecurity/skills

ghost-report

Ghost Security — combined security report. Aggregates findings from all scan skills (scan-deps, scan-secrets, scan-code) into a single prioritized report focused on the highest risk, highest confidence issues. Use when the user requests a security overview, vulnerability summary, full security audit, or combined scan results.

🇺🇸|EnglishTranslated

Security & Complianceenigmatry/agent-skills

baseline-security-audit

Ensures baseline security practices are followed in the project. Use this when asked to perform a security audit on the codebase. Automatically creates Jira stories for each security finding.

🇺🇸|EnglishTranslated

Code Qualityclaude-code-community-ire...

dependency-audit

Dependency management and auditing — evaluating new dependencies, security vulnerability scanning, update strategies, and license compliance. Use when adding or auditing dependencies.

🇺🇸|EnglishTranslated

Security & Compliancesrstomp/pokayokay

security-audit

Use when reviewing code security, auditing dependencies for CVEs, checking configuration or secret security, assessing authentication and authorization patterns, identifying OWASP vulnerabilities (injection, XSS, CSRF), or addressing security concerns about implementations.

🇺🇸|EnglishTranslated

Security & Compliancenaodeng/awesome-qa-skills

security-testing

Design security testing solutions, including OWASP Top 10, penetration testing, and vulnerability scanning. Default output is Markdown, and Excel/CSV/JSON output is available upon request. Use for security testing or security-testing.

🇨🇳|ChineseTranslated

1 scripts/Attention

Security & Complianceproffesor-for-testing/age...

security-testing

Test for security vulnerabilities using OWASP principles. Use when conducting security audits, testing auth, or implementing security practices.

🇺🇸|EnglishTranslated

Security & Compliancemukul975/anthropic-cybers...

analyzing-docker-container-forensics

Investigate compromised Docker containers by analyzing images, layers, volumes, logs, and runtime artifacts to identify malicious activity and evidence.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancesomnio-software/somnio-ai...

security-audit

Execute a comprehensive, framework-agnostic Security Audit. Detects project type at runtime and adapts security checks accordingly. Analyzes sensitive files, source code secrets, dependency vulnerabilities, and optionally uses Gemini AI for advanced analysis. Produces a severity-classified report. Use when the user asks to audit security, scan for vulnerabilities, check for secrets, or assess dependency risks. Triggers on: 'security audit', 'vulnerability scan', 'secret scan', 'dependency audit', 'security check', 'pentest', 'owasp'.

🇺🇸|EnglishTranslated

Security & Complianceyaklang/hack-skills

recon-and-methodology

Reconnaissance and methodology playbook. Use when mapping assets, discovering endpoints, fingerprinting technology, and building a structured testing plan for a new target.

🇺🇸|EnglishTranslated

Security & Compliancewinsorllc/upgraded-carniv...

security-audit

Scan code for security vulnerabilities and secrets. Detect exposed secrets, insecure patterns, and common vulnerabilities.

🇺🇸|EnglishTranslated

1 scripts/Attention

Security & Compliancemukul975/anthropic-cybers...

analyzing-sbom-for-supply-chain-vulnerabilities

Parses Software Bill of Materials (SBOM) in CycloneDX and SPDX JSON formats to identify supply chain vulnerabilities by correlating components against the NVD CVE database via the NVD 2.0 API. Builds dependency graphs, calculates risk scores, identifies transitive vulnerability paths, and generates compliance reports. Activates for requests involving SBOM analysis, software composition analysis, supply chain security assessment, dependency vulnerability scanning, CycloneDX/SPDX parsing, or CVE correlation.

🇺🇸|EnglishTranslated

1 scripts/Checked