Snyk Agent Scan Compliance

Rewrite and restructure skill files to fix snyk-agent-scan alerts (W001/W011/W012) without suppressing information; for authors and reviewers in CI or local sca

triggers:snyk-agent-scanW001W011W012skill compliancescan remediationagent-scan

GitHub SKILL.md

What it does

This skill provides a compliance-focused playbook for remediating snyk-agent-scan alerts in agent SKILL.md files and related directory assets. It guides authors to restructure content (not suppress it) to resolve three classes of scanner alerts: prompt-injection patterns (W001), third-party content exposure (W011), and potentially malicious external URLs or unpinned installs (W012). The goal is to make skills safe for automated scanning while preserving useful information.

When to use it

Use during skill authoring, pre-commit checks, CI triage, or when a PR is blocked by snyk-agent-scan failures. It is appropriate for maintainers fixing multiple alerts, reviewers validating fixes, and test environments where a re-scan is required after each change.

What's included

Scripts: none in this skill (has_scripts=false)
References: includes detailed pattern files under references/ (W001, W011, W012 catalogs)
Instructions: step-by-step remediation methodology, pre-authoring checklist, example before/after rewrites, and quick reference commands for running the scanner locally or in CI.

Compatible agents

Designed for coding-focused agents (Claude Code, Copilot/Copilot Chat, Cursor, Codex-style assistants) that assist with authoring and code review tasks.

Not yet audited

This skill has not been reviewed by our automated audit pipeline yet.

Information

Repository: cc-skills
Stars: 132
Installs: 0

More from cc-skills

Training Report

Generate a structured, publishable training or workshop report (Markdown first, .docx final) summarising sessions, participant feedback and recommendations.

Related Skills

Reverse Engineer

Provides step-by-step guidance and best practices for binary reverse engineering: static analysis, dynamic tracing, disassembly, and documentation workflows for

Run Execute

Orchestrates execution of work items across modes (autopilot, confirm, validate) with scripted init/complete tooling, plan/test/report artifacts and strict gati

Sandbox0 Integration

Guidance and templates for integrating Sandbox0 sandboxing into AI agents — CLI/SDK patterns, templates, volumes, network policy, and deployment choices.

GraphQL Inspector — Validate

Validate GraphQL operations against a schema with configurable depth, complexity, alias and directive limits to catch errors before runtime.

Alpha Forge Pre-Ship Quality Gates

Pre-merge quality gates for PRs that validate RNG determinism, forked URLs, runtime parameter ranges, and manifest synchronization to reduce review cycles.

OpenTestAI

Automated, high-confidence AI testing: bug detection, persona feedback, and prioritized test-case generation using many specialized tester profiles.

Blender Build-Go (bgo)

Automate build → remove → install → enable → launch cycle for Blender extensions or add-ons to speed up iteration and CI workflows.

CTF Write-up Generator

Generate a concise, reproducible submission-style CTF writeup with a one-path solution script, metadata, and a short checklist for fast verification.

Back to Skills