Stats
Actions
Tags
How this command is triggered — by the user, by Claude, or both
Slash command
/security-vulnerabilities:fix-all-dependabot-alertsThe summary Claude sees in its command listing — used to decide when to auto-load this command
# Fix All Dependabot Alerts This command will: 1. Fetch all open Dependabot alerts 2. Fix each alert one by one by calling the fix-dependabot-alert command 3. Track progress and report results ## Step 1: Pre-checks IMPORTANT: Load the pre-checks skill 'pre-checks-for-github-dependabot-alerts' skill **If pre-checks fail, stop execution.** ## Step 2: Fetch All Alerts Retrieve all open Dependabot alerts from GitHub and put them in context: **If there are no alerts or an error occurs, inform the user and stop execution.** Show the user: - Total number of open alerts found - List of al...
This command will:
IMPORTANT: Load the pre-checks skill 'pre-checks-for-github-dependabot-alerts' skill
If pre-checks fail, stop execution.
Retrieve all open Dependabot alerts from GitHub and put them in context:
curl -H "Authorization: Bearer $GITHUB_DEPENDABOT_PAT" \
-H "Accept: application/vnd.github+json" \
https://api.github.com/repos/[ACCOUNT]/[REPO]/dependabot/alerts?state=open
If there are no alerts or an error occurs, inform the user and stop execution.
Show the user:
For each alert found, call the fix-dependabot-alert command:
/security-vulnerabilities:fix-dependabot-alert [alert-id] [$1] [$2]
Process alerts sequentially (one at a time, not in parallel).
After each alert is processed:
Report to the user:
ARGUMENTS: None (automatically extracts from local git remote)
npx claudepluginhub allousas/claude-code-plugins --plugin security-vulnerabilities/harden-actionsPin GitHub Actions to SHAs, fix permissions, and flag dangerous triggers
/fixRemediates security findings from a JSON scan file. Supports single-fix (--one), batch-fix by severity (--all), and PR creation with auto-apply (--pr).