vuln-analysis-expert

WooYun Vulnerability Analysis

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "vuln-analysis-expert" with this command: npx skills add aleister1102/skills/aleister1102-skills-vuln-analysis-expert

WooYun Vulnerability Analysis

Goal

Use the WooYun case library to classify a suspected vulnerability, derive root-cause hypotheses, and shape focused test or remediation guidance.

Guardrails

  • Use only for authorized security analysis.

  • Prefer evidence-backed hypotheses over speculation.

  • Separate reproduction guidance from remediation guidance.

Workflow (short)

  • Classify the issue type (e.g., SQLi, XSS, logic, authz).

  • Load the matching knowledge file or category set.

  • Map observed behavior to known patterns and bypasses.

  • Produce: test plan, impact assessment, and remediation notes.

References (load when needed)

  • vuln-analysis-expert/knowledge/ : deep guides by vulnerability type.

  • vuln-analysis-expert/categories/ : full case extracts (large).

  • vuln-analysis-expert/examples/ : sample analyses.

  • vuln-analysis-expert/PROGRESS.md : extraction status and coverage.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

security-audit

No summary provided by upstream source.

Repository SourceNeeds Review
7-aleister1102
Security

security

No summary provided by upstream source.

Repository SourceNeeds Review
4-aleister1102
Security

security-threat-model

No summary provided by upstream source.

Repository SourceNeeds Review
2-aleister1102
Coding

codeql

No summary provided by upstream source.

Repository SourceNeeds Review
26-aleister1102