cvss AI Agent Skills
Browse 21 skills related to cvss
cvss-score-extraction
Extract CVSS (Common Vulnerability Scoring System) scores from vulnerability data sources with proper fallback handling. This skill covers understanding CVSS v3, handling multiple score sources (NVD, GHSA, RedHat), implementing source priority logic, and dealing with missing scores in security reporting.
sca-trivy
Software Composition Analysis (SCA) and container vulnerability scanning using Aqua Trivy for identifying CVE vulnerabilities in dependencies, container images, IaC misconfigurations, and license compliance risks. Use when: (1) Scanning container images and filesystems for vulnerabilities and misconfigurations, (2) Analyzing dependencies for known CVEs across multiple languages (Go, Python, Node.js, Java, etc.), (3) Detecting IaC security issues in Terraform, Kubernetes, Dockerfile, (4) Integrating vulnerability scanning into CI/CD pipelines with SARIF output, (5) Generating Software Bill of Materials (SBOM) in CycloneDX or SPDX format, (6) Prioritizing remediation by CVSS score and exploitability.
ln-625-dependencies-auditor
Dependencies audit worker (L3). Checks outdated packages, unused deps, reinvented wheels, vulnerability scan (CVE/CVSS). Supports mode: full | vulnerabilities_only.
container-grype
Container vulnerability scanning and dependency risk assessment using Grype with CVSS severity ratings, EPSS exploit probability, and CISA KEV indicators. Use when: (1) Scanning container images and filesystems for known vulnerabilities, (2) Integrating vulnerability scanning into CI/CD pipelines with severity thresholds, (3) Analyzing SBOMs (Syft, SPDX, CycloneDX) for security risks, (4) Prioritizing remediation based on threat metrics (CVSS, EPSS, KEV), (5) Generating vulnerability reports in multiple formats (JSON, SARIF, CycloneDX) for security toolchain integration.
vulnerability-management
Vulnerability lifecycle management including CVE tracking, CVSS scoring, risk prioritization, remediation workflows, and coordinated disclosure practices
vulnerability-assessor
Assess identified vulnerabilities for exploitability, impact, and risk. Provide CVSS scoring and remediation strategies. Use when analyzing security findings.
vulnerability-resolver
Specialized CVE and vulnerability management for morphir-dotnet. Use when user asks to scan for vulnerabilities, fix CVEs, suppress false positives, review security reports, or manage dependency-check. Triggers include "CVE", "vulnerability", "security scan", "dependency-check", "suppress", "false positive", "CVSS", "security fix".
security-audit
Security audit patterns for PHP/OWASP. Use when conducting security assessments, identifying vulnerabilities (XXE, SQL injection, XSS), or CVSS scoring.
security-vulnerability-fix
Fixes npm dependency security vulnerabilities with a complete workflow. Automatically triggered when users mention security warnings, Dependabot alerts, CVE vulnerabilities, or npm audit issues. The workflow covers vulnerability queries (including CVE and CVSS checks), package upgrades, verification of fixes via build/test, and version release following semantic versioning. It also updates project metadata such as package.json, produces bilingual CHANGELOG entries, can build a VSIX for VS Code extensions, and synchronizes SECURITY.md. Includes example gh and npm commands, automated activation conditions, and operational checkpoints to reduce human error, accelerate remediation, and keep an auditable compliance record.
pentest-vuln-analyzer
Correlate scanner results with CVE and exploit intelligence and prioritize by CVSS and exploitability.
security-audit
Use when conducting security assessments, CVSS scoring, or auditing PHP/TYPO3 projects against OWASP Top 10 and CWE Top 25.
building-vulnerability-scanning-workflow
Builds a structured vulnerability scanning workflow using tools like Nessus, Qualys, and OpenVAS to discover, prioritize, and track remediation of security vulnerabilities across infrastructure. Use when SOC teams need to establish recurring vulnerability assessment processes, integrate scan results with SIEM alerting, and build remediation tracking dashboards.
implementing-epss-score-for-vulnerability-prioritization
Integrate FIRST's Exploit Prediction Scoring System (EPSS) API to prioritize vulnerability remediation based on real-world exploitation probability within 30 days.
performing-endpoint-vulnerability-remediation
Performs vulnerability remediation on endpoints by prioritizing CVEs based on risk scoring, deploying patches, applying configuration changes, and validating fixes. Use when remediating findings from vulnerability scans, responding to critical CVE advisories, or maintaining endpoint compliance with patch management SLAs. Activates for requests involving vulnerability remediation, CVE patching, endpoint vulnerability management, or security fix deployment.
triaging-vulnerabilities-with-ssvc-framework
Triage and prioritize vulnerabilities using CISA's Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree framework to produce actionable remediation priorities.
performing-cve-prioritization-with-kev-catalog
Leverage the CISA Known Exploited Vulnerabilities catalog alongside EPSS and CVSS to prioritize CVE remediation based on real-world exploitation evidence.
performing-vulnerability-scanning-with-nessus
Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities, misconfigurations, default credentials, and missing patches across network infrastructure, servers, and applications. The scanner correlates findings with CVE databases and CVSS scores to produce prioritized remediation guidance. Activates for requests involving vulnerability scanning, Nessus assessment, patch compliance checking, or automated vulnerability detection.
None
The Common Vulnerability Scoring System (CVSS) is the industry standard framework maintained by FIRST (Forum of Incident Response and Security Teams) for assessing vulnerability severity. CVSS v4.0 (r
security-agent
Security Engineer sub-agent. Scans code for OWASP Top 10 vulnerabilities, detects hardcoded secrets and API keys, reviews authentication and authorization implementations, identifies injection vectors (SQL, NoSQL, command, LDAP), checks for insecure dependencies, and performs threat modeling. Rates findings by CVSS severity. Use when auditing security, reviewing auth code, checking dependencies for CVEs, or before any production deployment. Triggers - security audit, vulnerability, OWASP, CVE, auth review, is this safe, security check, injection.
writing-security-reports
Use when documenting security findings, writing pentest reports, creating vulnerability advisories, drafting executive summaries for security assessments, formatting evidence for security deliverables, scoring vulnerabilities with CVSS, writing remediation guidance, or producing any security assessment documentation deliverable.
security-assessment
Use when planning, scoping, or executing a comprehensive security assessment, penetration test, red team engagement, or security audit. Use when the user needs to coordinate multiple security testing activities, define assessment scope and rules of engagement, perform threat modeling, rate risk using CVSS, map findings to compliance frameworks (OWASP Top 10, PCI DSS, SOC 2, ISO 27001), manage assessment lifecycle from planning through reporting, or orchestrate multiple security skills together. Use as the master coordinator when no single specialized skill covers the full task.