From agentic-security
Explains or teaches software vulnerabilities using plain-English briefs and Socratic walkthroughs. Activates on CVE/GHSA IDs, vulnerability names, or scanner findings.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agentic-security:security-explainThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Activates when the user references a vulnerability by ID
Activates when the user references a vulnerability by ID
(CVE-2024-1234, GHSA-jf85-cpcp-j695) or asks for an explanation of a
specific finding — either as a quick plain-English brief or as a Socratic
teaching walkthrough. Don't wait for them to type /triage --explain.
Two modes live here:
[critical] CWE-89 SQL Injection at api/users.ts:42) and asks for context.ir-taint:app.js:14:py-cursor-execute)
and asks for context.Pick the mode. Use the plain-English explanation for "what is this / how bad" and to brief before a fix. Switch to the Socratic walkthrough when the user wants to understand — help me understand, why is this dangerous, what's wrong here — and not just be told the answer.
Look it up locally first. Call MCP lookup_cve({ cve: "CVE-…" })
— it returns the cached OSV / KEV / EPSS data with staleness tier.
If it's there, lead with the cached snapshot (vendor + product + date
added + KEV status). No network call needed.
Then read the relevant explainer. If the user has a scan in
.agentic-security/last-scan.json and the CVE matches a finding,
pull the finding's description, remediation, and whyFired
evidence — call MCP explain_finding({ finding_id }). If they
don't have a scan yet, fall back to the generic CWE explainer.
Render the explanation in plain English. Four parts:
/fix --rotate-secret).Offer the narrative shape if the user is non-technical. Suggest
/triage --explain --narrative for the four-act attack story when the
audience is a builder or a PM, not a security engineer.
lookup_cve returns
present: false, say "I don't have current data on this CVE — the
local OSV cache doesn't have it" and offer to run /scan --all
which populates the cache.Use this when the user wants to understand a finding, not just read
its remediation field. The default /triage --explain and the security-
fixer agent both default to "here's the answer." This mode teaches.
Identify the three actors. Every taint finding has:
Walk source → sink as a story. Not "CWE-89 is SQL injection."
Instead: "An attacker hits this endpoint. Their ?name= query string
becomes the name variable on line 12. Trace it: line 13 concatenates
it into query. Line 14 passes query to cursor.execute. The
database now interprets the attacker's apostrophe as a SQL string
delimiter."
Ask before showing. "What payload would make this dump every row?" Let the user try first. If they're stuck, give them ONE hint: "The attacker needs to escape the SQL string and append a clause that always evaluates to true."
Show the fix structurally. When the user names the payload, reveal:
cursor.execute("SELECT * FROM users WHERE name = %s", (name,))
And explain: parameterized form sends the value via a SEPARATE channel; the database never parses it as SQL.
Verify understanding. "Why doesn't name.replace('\\'', '')
work as a fix?" Common follow-up traps to test:
Apply the fix together. Once the user gets it, use
synthesize_fix → verify_fix → apply_fix from the deterministic
toolchain — same as security-fix-finding, but with the
understanding earned.
| CWE | Key question to ask first |
|---|---|
| CWE-89 (SQLi) | What's the difference between a SQL string literal and a SQL identifier? |
| CWE-79 (XSS) | What HTML metacharacters does the attacker need? Which contexts give them more / less power? |
| CWE-78 (cmd-inj) | What does /bin/sh -c parse that execve doesn't? |
| CWE-22 (path) | Why doesn't path.replace('../', '') work? |
| CWE-918 (SSRF) | What can an attacker reach FROM your server that they can't reach FROM their browser? |
| CWE-502 (deser) | Why is json.loads safe but pickle.loads not? |
| CWE-94 (SSTI) | What's the difference between rendering a template vs. compiling a template from input? |
| CWE-1321 (proto) | What's the prototype chain? What does __proto__ write to? |
/triage --explain <finding-id-or-CWE-or-vuln-name> — encyclopedic CWE
reference (read-only); add --narrative for the four-act attack story./fix <finding-id> (or /fix --one <id>) — apply the fix with verification./scan / /scan --all — populate the OSV cache, then re-scan after apply
to confirm clean.The security industry has a learned-helplessness problem with developers: tools say "you have a vulnerability, here's a patch," developers click "apply." Six months later the same dev creates the same bug class. The Socratic mode is the antidote — every finding is also a teaching moment. Stickiest use comes from junior devs, who become senior advocates.
npx claudepluginhub clear-capabilities/agentic-security --plugin agentic-securityResearches a CVE or vulnerability disclosure end-to-end: affected versions, reachability in your code, public PoC availability, patch status, exposure window, and mitigation guidance. Use for CVE, zero-day, EPSS, or patch triage.
Guides setting up coordinated vulnerability disclosure programs, responding to external reports, writing security advisories, and requesting CVEs.
Determines whether a known CVE/GHSA advisory is actually exploitable in a given project using reachability analysis across multiple ecosystems (npm, Maven, pip, Go, Rust, etc.).