Skill

scanning-for-vulnerabilities

Scans codebases, dependencies, and configurations for security vulnerabilities including CVEs and code flaws, generating reports with severity ratings and remediation steps.

security

npx claudepluginhub jeremylongshore/claude-code-plugins-plus-skills --plugin vulnerability-scanner

Popularity

Parent stars

2,199

Parent forks

296

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/vulnerability-scanner:scanning-for-vulnerabilities

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadWriteEditGrepGlobBash(cmd:*)

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Scan codebases, dependencies, and configurations for security vulnerabilities including CVE detection, code-level flaws, and insecure defaults, with severity ratings and remediation steps.

Supporting Files

assets/README.mdreferences/README.mdscripts/README.mdscripts/scan.sh

SKILL.md

88 lines · ~924 tokens

Similar Skills

scan

Scans code for security vulnerabilities like auth bypass, injection, IDOR, mass assignment, race conditions, secrets, and insecure defaults. Audits Node.js/Python dependencies.

1 file5 tools

universe

security-reviewer

Identifies security vulnerabilities in code and infrastructure, generates structured audit reports with severity ratings and remediation guidance. For SAST scans, secrets scanning, dependency audits, penetration testing, DevSecOps, and compliance checks.

6 files4 tools

aigroup-workflow

cyber-neo

Scans local projects for dependency vulnerabilities (SCA), code security patterns (SAST), leaked secrets, auth/crypto flaws, misconfigs, supply chain risks, CI/CD issues. Generates prioritized report with remediation guidance.

16 files17 tools

cyber-neo

Stats

LanguagePython

Parent stars2,199

Parent forks296

MaintenanceExcellent

Last CommitApr 3, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Stats

Actions

Help us improve

Share bugs, ideas, or general feedback.

Vulnerability Scanner

Scan codebases, dependencies, and configurations for security vulnerabilities including CVE detection, code-level flaws, and insecure defaults, with severity ratings and remediation steps.

Overview

This skill empowers Claude to automatically scan your codebase for security vulnerabilities. It leverages the vulnerability-scanner plugin to identify potential risks, including code-level flaws, vulnerable dependencies, and insecure configurations.

How It Works

Initiate Scan: The skill activates the vulnerability-scanner plugin based on user input.
Perform Analysis: The plugin scans the codebase, dependencies, and configurations for vulnerabilities, including CVE detection.
Generate Report: The plugin creates a detailed vulnerability report with findings, severity levels, and remediation guidance.

When to Use This Skill

This skill activates when you need to:

Identify security vulnerabilities in your code.
Check your project's dependencies for known CVEs.
Review your project's configurations for security weaknesses.

Examples

Example 1: Identifying SQL Injection Risks

User request: "Scan my code for SQL injection vulnerabilities."

The skill will:

Activate the vulnerability-scanner plugin.
Analyze the codebase for potential SQL injection flaws.
Generate a report highlighting any identified SQL injection risks and providing remediation steps.

Example 2: Checking for Vulnerable npm Packages

User request: "Check my project's npm dependencies for known vulnerabilities."

The skill will:

Activate the vulnerability-scanner plugin.
Scan the project's package.json file and identify any npm packages with known CVEs.
Generate a report listing the vulnerable packages, their CVE identifiers, and recommended updates.

Best Practices

Regular Scanning: Run vulnerability scans regularly, especially before deployments.
Prioritize Remediation: Focus on addressing critical and high-severity vulnerabilities first.
Validate Fixes: After applying fixes, run another scan to ensure the vulnerabilities are resolved.

Integration

This skill integrates with the core Claude Code environment by providing automated vulnerability scanning capabilities. It can be used in conjunction with other plugins to create a comprehensive security workflow, such as integrating with a ticketing system to automatically create tickets for identified vulnerabilities.

Prerequisites

Appropriate file access permissions
Required dependencies installed

Instructions

Invoke this skill when the trigger conditions are met
Provide necessary context and parameters
Review the generated output
Apply modifications as needed

Output

The skill produces structured output relevant to the task.

Error Handling

Invalid input: Prompts for correction
Missing dependencies: Lists required components
Permission errors: Suggests remediation steps

Resources

Project documentation
Related skills and commands

scanning-for-vulnerabilities

Popularity

Invocation

Tool Access

Context Preview

Supporting Files

SKILL.md

Similar Skills

Help us improve

Help us improve

Find plugins for your project

scanning-for-vulnerabilities

Popularity

Invocation

Tool Access

Context Preview

Supporting Files

SKILL.md

Vulnerability Scanner

Overview

How It Works

When to Use This Skill

Examples

Example 1: Identifying SQL Injection Risks

Example 2: Checking for Vulnerable npm Packages

Best Practices

Integration

Prerequisites

Instructions

Output

Error Handling

Resources

Similar Skills

Help us improve

Vulnerability Scanner

Overview

How It Works

When to Use This Skill

Examples

Example 1: Identifying SQL Injection Risks

Example 2: Checking for Vulnerable npm Packages

Best Practices

Integration

Prerequisites

Instructions

Output

Error Handling

Resources