From agentic-security
Explain a CVE / GHSA / finding in plain English. Activate on CVE-id, GHSA-, or "what is this vuln" questions.
How this skill is triggered — by the user, by Claude, or both
Slash command
/agentic-security:security-explain-cveThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Activates automatically when the user references a vulnerability by ID
Activates automatically when the user references a vulnerability by ID
(CVE-2024-1234, GHSA-jf85-cpcp-j695) or asks for an explanation of a
specific finding. Don't wait for them to type /triage --explain.
[critical] CWE-89 SQL Injection at api/users.ts:42) and asks for context.Look it up locally first. Call MCP lookup_cve({ cve: "CVE-…" })
— it returns the cached OSV / KEV / EPSS data with staleness tier.
If it's there, lead with the cached snapshot (vendor + product + date
added + KEV status). No network call needed.
Then read the relevant explainer. If the user has a scan in
.agentic-security/last-scan.json and the CVE matches a finding,
pull the finding's description, remediation, and whyFired
evidence — call MCP explain_finding({ finding_id }). If they
don't have a scan yet, fall back to the generic CWE explainer.
Render the explanation in plain English. Four parts:
/fix --rotate-secret).Offer the narrative shape if the user is non-technical. Suggest
/triage --explain --narrative for the four-act attack story when the
audience is a builder or a PM, not a security engineer.
lookup_cve returns
present: false, say "I don't have current data on this CVE — the
local OSV cache doesn't have it" and offer to run /scan --all
which populates the cache.If the user wants the explanation as a one-shot CLI output:
/triage --explain <finding-id-or-CWE-or-vuln-name> (or /triage --explain --narrative
for the attack-story shape).
npx claudepluginhub securityphoenix/agentic-security --plugin agentic-securityGuides completion of development work by verifying tests, detecting environment, and presenting structured options for merge, PR, or cleanup.
Enforces test-driven development: write failing test first, then minimal code to pass. Use when implementing features or bugfixes.
Guides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.