Screen GitHub issues and comments for inadvertent security vulnerability disclosure. Use when: (1) A new issue is created, (2) An issue body is edited, (3) A comment is added or edited, (4) Part of issue intake pipeline. Prevents bypass by editing clean issues to add vulnerabilities later. If a vulnerability is detected in title/body, closes the issue and tags @netwrix/security. If detected in a comment, deletes the comment and posts a security notice.
91
Does it follow best practices? 88%
Impact: 96%
2.00x average score across 3 eval scenarios
Advisory: Suggest reviewing before use
Security triage: vulnerability in issue title/body triggers close workflow
- Fetch comments first: 0% / 100%
- Posts security notice comment: 100% / 100%
- Exact comment text — opening line: 0% / 100%
- Exact comment text — tags security team: 0% / 100%
- Exact comment text — closure notice: 0% / 100%
- Closes issue: 100% / 100%
- Close reason 'not planned': 100% / 100%
- FAIL — ISSUE CLOSED report: 0% / 100%
- No vulnerability details in report: 0% / 50%
- Comment before close ordering: 100% / 100%
- Security team mentioned in report: 50% / 100%
- No variations in security notice: 0% / 100%
Security triage: leaked credentials in comment triggers delete workflow, issue stays open
- Identifies comment as security concern: 100% / 100%
- Deletes comment via gh api DELETE: 0% / 100%
- Uses DELETE method not close: 100% / 100%
- Posts reply comment: 100% / 100%
- Exact reply text — opening line: 0% / 100%
- Exact reply text — tags security team: 0% / 100%
- Exact reply text — reporting channels: 0% / 100%
- FAIL — COMMENT DELETED report: 0% / 100%
- Issue remains open indicated: 33% / 100%
- No credentials in report: 0% / 100%
- No extra text in reply comment: 0% / 40%
- Fetch comments as first command: 100% / 100%
Security triage: clean issue with no concerns passes screening, correct PASS report
- Fetches comments first: 50% / 66%
- No issue close command: 100% / 100%
- No comment delete command: 100% / 100%
- No security notice comment posted: 100% / 100%
- PASS report line: 66% / 100%
- PASS report mentions no vulnerability: 80% / 100%
- Evaluates comments explicitly: 100% / 100%
- Issue number in report: 100% / 100%
6b797b3