
from david-skills57
Performs read-only security audits of systems and projects for CVEs, breaches, and malicious packages with structured reporting.
This skill enables an agent to conduct a non-destructive, read-only security audit of a user's local environment. It specifically looks for exposure to known CVEs, supply-chain attacks (malicious packages), and other security advisories. The agent investigates installed versions of software, running processes, and configuration files to determine if a system is vulnerable.
Activate this skill when a user shares a security advisory, asks if they are affected by a specific breach or malware, or requests a general vulnerability scan of their machine (e.g., "Am I affected by the latest X vulnerability?").
Designed for agents with shell access (Bash) and file-system read capabilities, such as Claude Code, Codex, and other ACP-compatible harnesses.
This skill has not been reviewed by our automated audit pipeline yet.