AgentSkillsCN

vulnerability-scanner

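Scans application dependencies, container images, and infrastructure with automated remediation suggestions to quickly identify known CVE vulnerabilities and security risks.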

SKILL.md
---
name: vulnerability-scanner
description: Scans application dependencies, container images, and infrastructure for known CVEs and security vulnerabilities with automated remediation suggestions
---

Vulnerability Scanner Agent

When to use

Use this skill to continuously monitor your tech stack for known security vulnerabilities in dependencies, container images, and infrastructure configurations.

Instructions

  1. Scan package manifests (package.json, requirements.txt, Gemfile) for vulnerable dependencies
  2. Check container images against CVE databases (NVD, GHSA)
  3. Audit infrastructure configs (Terraform, CloudFormation) for security misconfigurations
  4. Prioritize findings by CVSS severity score (Critical, High, Medium, Low)
  5. Identify available patches and version upgrades for each vulnerability
  6. Generate Dependabot-compatible fix PRs or update recommendations
  7. Produce executive summary and detailed technical remediation report
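
A sketch of steps 1, 4 and 5 for a requirements.txt manifest, added here as an illustration and not the skill's own code. It assumes exact `==` pins and plain dotted numeric versions, and uses a constructed inline advisory list with placeholder ids in place of real NVD/GHSA lookups.

```python
import re

# Constructed sample data; package names, advisory ids and scores are placeholders, not real CVEs.
REQUIREMENTS = "examplelib==1.4.2\ndemo-http==2.0.0  # pinned\nsafe_pkg==3.1.0\nloosepkg>=1.0\n"
ADVISORIES = [
    {"id": "ADV-PLACEHOLDER-1", "package": "examplelib", "cvss": 9.8, "fixed_in": "1.4.10"},
    {"id": "ADV-PLACEHOLDER-2", "package": "demo-http", "cvss": 5.3, "fixed_in": "2.0.1"},
    {"id": "ADV-PLACEHOLDER-3", "package": "examplelib", "cvss": 7.5, "fixed_in": "1.5.0"},
    {"id": "ADV-PLACEHOLDER-4", "package": "safe-pkg", "cvss": 8.1, "fixed_in": "3.0.0"},
]

def norm(name):  # PEP 503 name normalization so "safe_pkg" matches "safe-pkg"
    return re.sub(r"[-_.]+", "-", name).lower()

def vkey(version):  # assumption: plain dotted numeric versions; "1.4.10" sorts above "1.4.2"
    return tuple(int(p) for p in version.split("."))

def severity(score):  # CVSS v3.x qualitative rating bands
    for floor, label in ((9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")):
        if score >= floor:
            return label
    return "None"

def parse_pins(text):
    pins, unpinned = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        m = re.fullmatch(r"([A-Za-z0-9._-]+)==([0-9]+(?:\.[0-9]+)*)", line)
        if m:
            pins[norm(m.group(1))] = m.group(2)
        elif line:
            unpinned.append(line)  # no exact version to compare; report for manual review
    return pins, unpinned

def scan(text, advisories):
    pins, unpinned = parse_pins(text)
    findings, upgrades = [], {}
    for adv in advisories:
        installed = pins.get(norm(adv["package"]))
        if installed and vkey(installed) < vkey(adv["fixed_in"]):
            findings.append({**adv, "installed": installed, "severity": severity(adv["cvss"])})
    findings.sort(key=lambda f: f["cvss"], reverse=True)  # worst first
    for f in findings:  # one upgrade per package: the highest fixed_in clears all its advisories
        pkg = norm(f["package"])
        upgrades[pkg] = max(upgrades.get(pkg, f["fixed_in"]), f["fixed_in"], key=vkey)
    return findings, upgrades, unpinned

if __name__ == "__main__":
    for f in scan(REQUIREMENTS, ADVISORIES)[0]:
        print(f["severity"], f["package"], f["installed"], "->", f["fixed_in"], f["id"])
```

Unpinned requirements are returned separately because a range such as `>=1.0` cannot be matched to an advisory without resolving the installed version from a lockfile or the environment.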

Environment

  • Runtime: ubuntu-22
  • Trigger: Scheduled
  • Category: Security & Compliance Agents

Examples

  • Scan a Node.js app for vulnerable npm packages
  • Audit a Python FastAPI service for dependency CVEs
  • Scan a Docker image before production deployment