OSS Vulnerabilities — Skill Entry
This SKILL.md is the entrypoint for the OSS Vulnerabilities skill.
The skill encodes the OWASP Open Source Software Top 10 as structured, machine-readable references that an agent can query to identify, assess, and remediate risks associated with open source software dependencies.
Normative references (OSS Top 10)
- •00 Vulnerability Index
- •01 Known Vulnerabilities
- •02 Compromise of Legitimate Package
- •03 Name Confusion Attacks
- •04 Unmaintained Software
- •05 Outdated Software
- •06 Untracked Dependencies
- •07 License and Regulatory Risk
- •08 Immature Software
- •09 Unapproved Change
- •10 Under/Over-sized Dependency
Skill layout
- •
SKILL.md— this file (skill entrypoint). - •
references/— the OSS Top 10 normative documents.- •
00-vulnerability-index.md— master index of all vulnerability identifiers, categories, and cross-references. - •
01through10— one document per vulnerability aligned with OWASP OSS Risk numbering.
- •
- •
assets/— reusable format and constants blocks.- •
constants/— vulnerability catalog and category definitions.- •
constants-oss-catalog-v1.0.0.md
- •
- •
formats/— output contract examples.- •
format-vulnerability-assessment-v1.0.0.md - •
format-remediation-checklist-v1.0.0.md
- •
- •