vulnerability-scanner
SKILL.md
Vulnerability Scanner
Quick Start
Scan a codebase for common vulnerabilities:
# For JavaScript/TypeScript
npx eslint --plugin security .
# For Python
bandit -r . -f json
# For general patterns
grep -rn "eval\|exec\|system\|shell" --include="*.py" --include="*.js"
Instructions
Step 1: Identify Project Type
Detect the technology stack:
- Check for
package.json(Node.js) - Check for
requirements.txtorpyproject.toml(Python) - Check for
go.mod(Go) - Check for
Cargo.toml(Rust)
Step 2: Run Static Analysis
JavaScript/TypeScript:
npx eslint --plugin security --ext .js,.ts,.jsx,.tsx .
Python:
pip install bandit
bandit -r . -f json -o bandit-report.json
Go:
go install golang.org/x/vuln/cmd/govulncheck@latest
govulncheck ./...
Step 3: Check for Common Patterns
Scan for dangerous patterns:
| Pattern | Risk | Languages |
|---|---|---|
eval() |
Code injection | JS, Python |
exec() |
Command injection | Python |
shell=True |
Command injection | Python |
dangerouslySetInnerHTML |
XSS | React |
| SQL string concatenation | SQL injection | All |
pickle.loads() |
Deserialization | Python |
Step 4: Categorize Findings
Assign severity based on:
- Critical: Remote code execution, authentication bypass
- High: SQL injection, XSS, SSRF
- Medium: Information disclosure, CSRF
- Low: Missing headers, verbose errors
Step 5: Generate Report
Format findings:
## Security Scan Results
### Critical (0)
[None found]
### High (2)
1. **SQL Injection** - src/db/queries.js:45
- Pattern: String concatenation in SQL query
- Fix: Use parameterized queries
2. **XSS Vulnerability** - src/components/Comment.jsx:23
- Pattern: dangerouslySetInnerHTML with user input
- Fix: Sanitize input with DOMPurify
Common Vulnerability Patterns
Injection Flaws
// BAD: SQL Injection
const query = `SELECT * FROM users WHERE id = ${userId}`;
// GOOD: Parameterized query
const query = 'SELECT * FROM users WHERE id = ?';
db.query(query, [userId]);
Cross-Site Scripting (XSS)
// BAD: Direct HTML insertion
element.innerHTML = userInput;
// GOOD: Text content or sanitization
element.textContent = userInput;
// or
element.innerHTML = DOMPurify.sanitize(userInput);
Advanced
For detailed information, see:
- CVE Patterns - Common vulnerability patterns by type
- Remediation Guide - Fix strategies for each vulnerability type
- Tools Reference - Security scanning tools by language
Weekly Installs
5
Repository
armanzeroeight/…-pluginsGitHub Stars
26
First Seen
Feb 4, 2026
Security Audits
Installed on
claude-code5
opencode4
gemini-cli4
github-copilot4
codex4
replit3