sec-security-vulnerability-engineer
Community
Enforce dependency vulnerability gates
System Documentation
What problem does it solve?
Many repositories span multiple ecosystems and lack consistent SCA (software composition analysis) checks, leaving critical and high-severity dependency vulnerabilities undetected before build or release. This Skill reduces release risk by systematically auditing dependencies, enforcing severity-based quality gates, and guiding minimal, safe remediations.
Core Features & Use Cases
- Cross-stack vulnerability audits for .NET backends, frontend projects using npm/pnpm/yarn, and Rust crates.
- Severity classification & policy enforcement to fail pipelines or block releases based on configurable thresholds (e.g., Critical, High).
- Minimal safe remediation that proposes targeted upgrades or patches, reruns audits, and reports residual risk and artifacts.
- Use Case: Run a pre-release security gate that audits all packages, blocks the pipeline on critical/high findings, applies vetted upgrades, and produces a remediation summary for the release notes.
Quick Start
Run a cross-stack dependency vulnerability audit across the repository, classify findings by severity, enforce fail-on Critical,High, apply minimal safe upgrades, and produce a remediation report.
Dependency Matrix
Required Modules
None required
Components
Standard package
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: sec-security-vulnerability-engineer
Download link: https://github.com/ThiagoGuislotti/copilot-instructions/archive/main.zip#sec-security-vulnerability-engineer
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.