
cve-watchlist-action-recommendation-generator

Generate prioritized CVE watchlists and actionable security recommendations for repositories. Use when analyzing CVE scan results, creating security reports, prioritizing vulnerability remediation, or generating security gate reports for CI/CD. Takes CVE scan results (JSON/SARIF from npm audit, pip-audit, Snyk), reachability analysis, and cutoff date as input. Combines severity, reachability, exploitability, and dependency criticality to rank CVEs by practical risk. Outputs markdown reports with concrete next-step guidance (immediate upgrade, monitor, ignore with justification, apply mitigation) suitable for issue trackers, security reviews, and CI security gates.

92, 1.38x

Quality: 92% (Does it follow best practices?)

Impact: 86%, 1.38x (Average score across 3 eval scenarios)

Security by Snyk: Advisory (Suggest reviewing before use)


Evaluation results

92%

64%

CVE Risk Triage for a Healthcare API Platform

Risk factor scoring and tier classification

| Criteria | Without context | With context |
|---|---|---|
| Correct formula weights | 0% | 100% |
| Reachability numeric mapping | 0% | 100% |
| Exploitability numeric mapping | 0% | 100% |
| Criticality numeric mapping | 20% | 100% |
| Severity adjustment for known exploit | 0% | 0% |
| Severity adjustment for active exploitation | 0% | 100% |
| Critical tier boundary | 50% | 100% |
| High tier boundary | 25% | 100% |
| Low/Minimal tier boundary | 37% | 100% |
| Missing data assumption documented | 80% | 100% |
| Score calculations shown | 100% | 100% |

98%

22%

Security Report for an E-commerce Node.js Backend

Full report structure and grouped CVE recommendations

| Criteria | Without context | With context |
|---|---|---|
| Executive Summary section | 50% | 100% |
| Prioritized CVE Watchlist section | 25% | 100% |
| Summary of Actions section | 37% | 75% |
| Dependency Overview section | 25% | 100% |
| Next Steps section | 50% | 100% |
| Grouped multi-CVE package | 100% | 100% |
| Transitive dependency handling | 100% | 100% |
| npm upgrade commands | 100% | 100% |
| Mitigation for unavailable fix | 100% | 100% |
| Links to CVE references | 100% | 100% |
| Breaking changes documented | 100% | 100% |

69%

-14%

Automated CVE Processing for a FinTech Platform

Script-based workflow and special case handling

| Criteria | Without context | With context |
|---|---|---|
| parse_scan_results.py invocation | 100% | 100% |
| calculate_risk_score.py invocation | 100% | 87% |
| Script pipeline order | 100% | 100% |
| No-fix mitigation recommendation | 100% | 100% |
| Breaking-changes evaluation | 70% | 30% |
| Ignore with justification | 40% | 0% |
| Compensating controls score reduction | 20% | 0% |
| Reachability data included | 100% | 100% |
| Missing data assumption documented | 100% | 62% |
| Process log or script output | 100% | 100% |
| Zero-day treatment | 100% | 100% |

Repository: ArabelaTso/Skills-4-SE

Evaluated
Agent: Claude Code
Model: Claude Sonnet 4.6
