security-reporting

What problem does it solve?

This Skill provides best practices for creating and structuring comprehensive security audit reports, transforming raw vulnerability data into clear, actionable insights. It solves the challenge of communicating complex security findings to diverse stakeholders, ensuring effective remediation and risk management.

Core Features & Use Cases

• Standardized Report Structure: Guides you through essential sections like Executive Summary, Vulnerability Details, Risk Assessment, and Action Plan.
• Risk Scoring Methodology: Utilizes CVSS, exploitability, scope, and context to provide a quantifiable risk score for each finding.
• Actionable Recommendations: Focuses on providing concrete, implementable remediation steps with code examples and references.
• Stakeholder Communication: Tailors report content for different audiences, from executive summaries for management to technical details for development teams.
• Use Case: After a security audit, use this skill to automatically generate a detailed Markdown report from your vulnerability findings. The report will include an executive summary for leadership, specific code-level recommendations for developers, and a prioritized action plan to streamline remediation efforts.

Quick Start

Use the security-reporting skill to generate a security report from the attached JSON findings. Ensure the report includes an executive summary and detailed vulnerability descriptions. Prioritize the findings based on the risk scoring methodology.