scanning-for-vulnerabilities

This skill enables comprehensive vulnerability scanning using the vulnerability-scanner plugin. It identifies security vulnerabilities in code, dependencies, and configurations, including CVE detection. Use this skill when the user asks to scan for vulnerabilities, security issues, or CVEs in their project. Trigger phrases include "scan for vulnerabilities", "find security issues", "check for CVEs", "/scan", or "/vuln". The plugin performs static analysis, dependency checking, and configuration analysis to provide a detailed vulnerability report.

1.03x

Quality

53%

Does it follow best practices?

Impact

97%

1.03x

Average score across 9 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./backups/skills-migration-20251108-070147/plugins/security/vulnerability-scanner/skills/vulnerability-scanner/SKILL.md

Evaluation results

96%

-3%

Security Audit: Node.js E-Commerce Backend

Dependency vulnerability reporting

Criteria

Without context

With context

CVE identifiers

100%

Severity levels

91%

100%

Affected package versions

100%

Remediation guidance

100%

Findings section

100%

Critical/high priority

100%

Multiple vulnerabilities

100%

Dependency scan scope

100%

Upgrade path

100%

Re-scan recommendation

100%

60%

100%

Full Security Review: Internal Analytics API

Comprehensive multi-type security analysis

Criteria

Without context

With context

Static code analysis

100%

Dependency analysis

100%

Configuration analysis

100%

CVE IDs in dependency findings

100%

Severity classification

100%

Code-level remediation

100%

Dependency remediation

70%

100%

Config remediation

100%

Critical/high priority

100%

SQL injection identified

100%

Hardcoded secret identified

100%

95%

Pre-Release Security Clearance: Marketplace Service

Pre-deployment vulnerability validation

Criteria

Without context

With context

Vulnerability scan performed

100%

Dependency scan

100%

Static code analysis

100%

Severity levels

100%

CVE identifiers

100%

Fix verification

100%

Remaining issues flagged

100%

Remediation guidance

100%

Critical/high prioritized

100%

Re-scan after fixes

57%

100%

Regular scan recommendation

28%

100%

Security Findings to Dev Backlog

Ticketing system integration

Criteria

Without context

With context

Separate ticket files

100%

CVE IDs in dependency tickets

100%

Severity label per ticket

100%

Remediation acceptance criteria

100%

Critical/high tickets prioritized

100%

Static code finding ticket

100%

Dependency finding ticket

100%

Configuration finding ticket

100%

Backlog summary file

100%

Re-scan recommendation

100%

Affected version specified

100%

Automate Security Scanning in the Release Pipeline

Pre-deployment scan workflow

Criteria

Without context

With context

Pre-deployment scan step

100%

Dependency scan in pipeline

100%

Static analysis in pipeline

100%

Config scan in pipeline

100%

Critical/high blocks deploy

100%

Scheduled regular scan

100%

Runbook covers three types

100%

Re-scan after fix documented

100%

Pipeline config file produced

100%

Runbook file produced

100%

Severity triage documented

60%

100%

95%

Production Configuration Security Assessment

Configuration security analysis

Criteria

Without context

With context

Hardcoded secrets identified

100%

Debug/verbose mode flagged

100%

Web server misconfiguration

100%

Missing security headers

100%

Insecure session/cookie settings

100%

Severity per finding

100%

Critical/high findings first

62%

100%

Specific remediation per finding

100%

CORS misconfiguration

100%

At least 5 findings

100%

Re-review after remediation

Unencrypted channel flagged

100%

93%

Web Application Security Audit

XSS and injection static analysis

Criteria

Without context

With context

Static analysis performed

100%

XSS finding identified

100%

Injection finding identified

100%

Severity levels assigned

100%

Critical/high prioritized

100%

Code-level remediation

100%

Dependency analysis included

100%

Configuration analysis included

100%

CVE IDs for dependencies

100%

Findings section present

100%

Re-scan recommendation

22%

100%

Vulnerability Remediation Walkthrough

Fix-then-re-scan remediation cycle

Criteria

Without context

With context

Initial scan performed

100%

Vulnerability identified

100%

Severity level present

100%

Fix applied

100%

Re-scan step documented

100%

Fix validation documented

100%

Critical/high fixes first

100%

Remediation guidance included

100%

Static analysis covered

100%

Dependency scan covered

100%

CVE ID present

100%

New Project Security Baseline Assessment

Security baseline for new project onboarding

Criteria

Without context

With context

Static analysis in baseline

100%

Dependency analysis in baseline

100%

Configuration analysis in baseline

100%

CVE IDs included

100%

Severity classification

100%

Critical/high prioritized

100%

Remediation guidance per finding

100%

Regular scanning schedule

100%

Pre-deployment scan recommended

100%

Re-scan after fixes

100%

Findings summary section

100%

Affected versions noted

100%

Repository: jeremylongshore/claude-code-plugins-plus-skills
Commit: 13d35b8

Evaluated: 2 months ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

Security Audit: Node.js E-Commerce Backend Full Security Review: Internal Analytics API Pre-Release Security Clearance: Marketplace Service Security Findings to Dev Backlog Automate Security Scanning in the Release Pipeline Production Configuration Security Assessment Web Application Security Audit Vulnerability Remediation Walkthrough New Project Security Baseline Assessment

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.