Skill

vulnerability-scanning

Scans code, dependencies, containers, and infrastructure for vulnerabilities using OWASP tools, CVE databases, npm audit, and security scanners. For audits, compliance, pre-deployment, and CI/CD monitoring.

Javascript

Python

Install

npx claudepluginhub joshuarweaver/cascade-code-languages-misc-1 --plugin aj-geddes-useful-ai-prompts-4

Tool Access

This skill uses the workspace's default tool permissions.

Preview

- [Overview](#overview)

Supporting Assets

references/cicd-integration-github-actions.mdreferences/nodejs-vulnerability-scanner.mdreferences/python-owasp-scanner.mdscripts/validate-config.shtemplates/config-starter.yaml

SKILL.md

Similar Skills

skill-lookup

Searches, retrieves, and installs Agent Skills from prompts.chat registry using MCP tools like search_skills and get_skill. Activates for finding skills, browsing catalogs, or extending Claude.

prompts.chat

159.9k

prompt-lookup

Searches prompts.chat for AI prompt templates by keyword or category, retrieves by ID with variable handling, and improves prompts via AI. Use for discovering or enhancing prompts.

prompts.chat

159.9k

next-compile

1 file

Checks Next.js compilation errors using a running Turbopack dev server after code edits. Fixes actionable issues before reporting complete. Replaces `next build`.

vercel-next-js-2

139.2k

Stats

Stars180

Forks28

Last CommitMar 3, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

vulnerability-scanning

Vulnerability Scanning

Table of Contents

Overview

Systematically identify security vulnerabilities in applications, dependencies, and infrastructure using automated scanning tools and manual security assessments.

When to Use

Pre-deployment security checks

Continuous security monitoring

Compliance audits (PCI-DSS, SOC 2)

Dependency vulnerability detection

Container security scanning

Infrastructure security assessment

Quick Start

Minimal working example:

// scanner.js - Comprehensive vulnerability scanning const { exec } = require("child_process"); const util = require("util"); const fs = require("fs").promises; const execPromise = util.promisify(exec); class VulnerabilityScanner { constructor() { this.results = { dependencies: [], code: [], docker: [], secrets: [], }; } async scanDependencies() { console.log("Scanning dependencies with npm audit..."); try { const { stdout } = await execPromise("npm audit --json"); const auditResults = JSON.parse(stdout); for (const [name, advisory] of Object.entries( // ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide

Contents

Node.js Vulnerability Scanner

Python OWASP Scanner

CI/CD Integration - GitHub Actions

Best Practices

✅ DO

Automate scans in CI/CD

Scan dependencies regularly

Use multiple scanning tools

Set severity thresholds

Track vulnerability trends

Scan containers and images

Monitor CVE databases

Document false positives

❌ DON'T

Skip vulnerability scanning

Ignore low severity issues

Trust single scanning tool

Bypass security gates

Commit secrets to repos