format-security

Community

Turn security audits into prioritized remediation tasks.

Author: nathanvale
Version: 1.0.0
Installs: 0

System Documentation

What problem does it solve?

Security audit reports and penetration test results are often dense and lack clear, actionable remediation steps. This skill automates the conversion of these findings into structured, prioritized tasks, ensuring critical vulnerabilities are addressed promptly and efficiently.

Core Features & Use Cases

  • Risk-Based Prioritization: Automatically maps CVSS scores and OWASP risks to P0-P3 priorities, with escalation rules for critical factors like PII exposure or compliance violations.
  • Comprehensive Enrichment: Adds 15 detailed enrichments, including specific file locations, effort estimates, regression risk, and security-focused acceptance criteria.
  • Compliance & Threat Context: Extracts and documents compliance impact (GDPR, HIPAA, PCI-DSS) and threat actor analysis for each vulnerability.
  • Use Case: You receive a penetration test report detailing several high-severity findings. Use this skill to instantly generate a set of prioritized remediation tasks, complete with code examples, testing requirements, and compliance notes, ready for your development team to implement.

Quick Start

Use the format-security skill to convert the attached 'Q4-security-audit.md' into actionable tasks.

Dependency Matrix

Required Modules

bun

Components

scripts, references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: format-security
Download link: https://github.com/nathanvale/dotfiles/archive/main.zip#format-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.