vulnerability-management

Vulnerability Management Skill

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.


Install skill "vulnerability-management" with this command: npx skills add sherifeldeeb/agentskills/sherifeldeeb-agentskills-vulnerability-management


Manage the complete vulnerability lifecycle from discovery to remediation with scan processing, risk prioritization, and tracking capabilities.

Capabilities

  • Scan Processing: Parse vulnerability scan results (Nessus, Qualys, generic CSV)

  • Risk Prioritization: Score and prioritize vulnerabilities by risk

  • Remediation Tracking: Track remediation progress with SLAs

  • Exception Management: Document risk acceptances and exceptions

  • Reporting: Generate executive and technical vulnerability reports

  • Metrics: Track vulnerability management KPIs

Quick Start

```python
from vuln_utils import VulnerabilityScanner, RemediationTracker, VulnMetrics

# Process scan results
scanner = VulnerabilityScanner()
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', 'Remote code execution')
scanner.add_finding('CVE-2024-5678', 'High', 'SERVER-02', 'SQL injection')

# Track remediation
tracker = RemediationTracker()
tracker.add_vulnerability('CVE-2024-1234', 'Critical', 'SERVER-01')
tracker.assign('CVE-2024-1234', 'admin-team', due_date='2024-02-01')
tracker.mark_remediated('CVE-2024-1234', 'Patched')

# Generate report
print(scanner.generate_report())
```

Usage

Scan Processing

Parse and normalize vulnerability scan results.

Example:

```python
from vuln_utils import VulnerabilityScanner

scanner = VulnerabilityScanner()

# Add findings manually
scanner.add_finding(
    cve_id='CVE-2024-1234',
    severity='Critical',
    affected_host='SERVER-01',
    description='Remote code execution in Apache',
    cvss_score=9.8,
    solution='Update to version 2.4.55'
)

scanner.add_finding(
    cve_id='CVE-2024-5678',
    severity='High',
    affected_host='SERVER-02',
    description='SQL injection vulnerability',
    cvss_score=8.2,
    solution='Apply security patch KB12345'
)

# Parse from CSV
scanner.import_csv('scan_results.csv')

# Parse Nessus CSV export
scanner.import_nessus_csv('nessus_export.csv')

# Get summary
print(scanner.get_summary())

# Filter by severity
critical = scanner.get_by_severity('Critical')
high = scanner.get_by_severity('High')

# Get unique CVEs
cves = scanner.get_unique_cves()

# Generate report
print(scanner.generate_report())
print(scanner.generate_executive_summary())
```

Risk Prioritization

Prioritize vulnerabilities based on multiple risk factors.

Example:

```python
from vuln_utils import RiskPrioritizer

prioritizer = RiskPrioritizer()

# Add vulnerabilities with context
prioritizer.add_vulnerability(
    cve_id='CVE-2024-1234',
    cvss_score=9.8,
    affected_host='SERVER-01',
    asset_criticality='high',
    exploit_available=True,
    internet_facing=True
)

prioritizer.add_vulnerability(
    cve_id='CVE-2024-5678',
    cvss_score=8.2,
    affected_host='SERVER-02',
    asset_criticality='medium',
    exploit_available=False,
    internet_facing=False
)

# Calculate risk scores
prioritizer.calculate_risk_scores()

# Get prioritized list
prioritized = prioritizer.get_prioritized_list()
for vuln in prioritized:
    print(f"{vuln['cve_id']}: Risk Score {vuln['risk_score']}")

# Get top N by risk
top_10 = prioritizer.get_top_n(10)

# Generate risk report
print(prioritizer.generate_risk_report())
```
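The page does not state how RiskPrioritizer combines its inputs. The following added example (not vuln_utils code) shows one way the same four factors can reorder findings so that a lower CVSS score on an exposed, critical asset outranks a higher score on an isolated one. The weights, the function names `risk_score` and `prioritize`, and the sample findings are assumptions made for illustration.

```python
# Added illustration: these weights are assumptions, not vuln_utils' formula.
CRITICALITY_WEIGHT = {"low": 0.8, "medium": 1.0, "high": 1.2}
EXPLOIT_FACTOR = 1.25          # a working exploit is known to exist
INTERNET_FACING_FACTOR = 1.15  # reachable from untrusted networks
MAX_RAW = 10.0 * max(CRITICALITY_WEIGHT.values()) * EXPLOIT_FACTOR * INTERNET_FACING_FACTOR


def risk_score(cvss_score, asset_criticality, exploit_available, internet_facing):
    """Scale CVSS by asset and exposure context; result is normalised to 0-100."""
    if not 0.0 <= cvss_score <= 10.0:
        raise ValueError(f"CVSS score out of range: {cvss_score}")
    if asset_criticality not in CRITICALITY_WEIGHT:
        raise ValueError(f"unknown asset criticality: {asset_criticality!r}")
    raw = cvss_score * CRITICALITY_WEIGHT[asset_criticality]
    if exploit_available:
        raw *= EXPLOIT_FACTOR
    if internet_facing:
        raw *= INTERNET_FACING_FACTOR
    return round(raw / MAX_RAW * 100, 1)


def prioritize(vulns):
    """Return copies of the findings with risk_score added, highest risk first."""
    scored = [
        dict(v, risk_score=risk_score(v["cvss_score"], v["asset_criticality"],
                                      v["exploit_available"], v["internet_facing"]))
        for v in vulns
    ]
    return sorted(scored, key=lambda v: v["risk_score"], reverse=True)


# Constructed sample data (placeholder CVE ids and host names).
SAMPLE = [
    {"cve_id": "CVE-0000-0001", "cvss_score": 9.8, "affected_host": "LAB-01",
     "asset_criticality": "low", "exploit_available": False, "internet_facing": False},
    {"cve_id": "CVE-0000-0002", "cvss_score": 8.2, "affected_host": "WEB-01",
     "asset_criticality": "high", "exploit_available": True, "internet_facing": True},
]

if __name__ == "__main__":
    for v in prioritize(SAMPLE):
        print(f"{v['cve_id']} on {v['affected_host']}: risk {v['risk_score']}")
```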

Remediation Tracking

Track vulnerability remediation progress.

Example:

```python
from vuln_utils import RemediationTracker

tracker = RemediationTracker()

# Add vulnerabilities to track
tracker.add_vulnerability(
    cve_id='CVE-2024-1234',
    severity='Critical',
    affected_host='SERVER-01',
    sla_days=7  # Critical = 7 days
)

tracker.add_vulnerability(
    cve_id='CVE-2024-5678',
    severity='High',
    affected_host='SERVER-02',
    sla_days=30  # High = 30 days
)

# Assign to teams
tracker.assign('CVE-2024-1234', 'infrastructure-team', due_date='2024-02-01')
tracker.assign('CVE-2024-5678', 'application-team', due_date='2024-02-15')

# Update status
tracker.update_status('CVE-2024-1234', 'in_progress', notes='Patch scheduled for maintenance window')

# Mark as remediated
tracker.mark_remediated('CVE-2024-1234', method='Patched to version 2.4.55')

# Check SLA compliance
overdue = tracker.get_overdue()
at_risk = tracker.get_at_risk(days=3)  # Due within 3 days

# Generate status report
print(tracker.generate_status_report())
```

Exception Management

Document risk acceptances and exceptions.

Example:

```python
from vuln_utils import ExceptionManager

exceptions = ExceptionManager()

# Create exception request
exceptions.create_exception(
    cve_id='CVE-2024-9999',
    affected_host='LEGACY-SERVER',
    reason='System scheduled for decommission in 90 days',
    compensating_controls='Network isolated, enhanced monitoring',
    requested_by='john.smith',
    expiration_date='2024-04-15'
)

# Approve exception
exceptions.approve_exception(
    cve_id='CVE-2024-9999',
    approved_by='security.manager',
    notes='Approved with condition of weekly review'
)

# Check for expired exceptions
expired = exceptions.get_expired()

# Generate exception report
print(exceptions.generate_report())
```

Vulnerability Metrics

Track vulnerability management KPIs.

Example:

```python
from vuln_utils import VulnMetrics

metrics = VulnMetrics()

# Add historical data
metrics.add_scan_result({
    'date': '2024-01-15',
    'critical': 5,
    'high': 20,
    'medium': 50,
    'low': 100
})

metrics.add_remediation_record({
    'cve_id': 'CVE-2024-1234',
    'severity': 'Critical',
    'detected_at': '2024-01-10',
    'remediated_at': '2024-01-15'
})

# Calculate metrics
print(f"MTTR (Critical): {metrics.calculate_mttr('Critical'):.1f} days")
print(f"SLA Compliance: {metrics.calculate_sla_compliance():.1f}%")
print(f"Remediation Rate: {metrics.calculate_remediation_rate():.1f}%")

# Get trending data
trend = metrics.get_vulnerability_trend(days=90)

# Generate metrics report
print(metrics.generate_report())
```

Asset-Based Views

View vulnerabilities by asset.

Example:

```python
from vuln_utils import AssetVulnerabilityView

view = AssetVulnerabilityView()

# Add asset vulnerability data
view.add_asset_vulnerability('SERVER-01', 'CVE-2024-1234', 'Critical')
view.add_asset_vulnerability('SERVER-01', 'CVE-2024-5678', 'High')
view.add_asset_vulnerability('SERVER-02', 'CVE-2024-9999', 'Medium')

# Set asset metadata
view.set_asset_criticality('SERVER-01', 'high')
view.set_asset_criticality('SERVER-02', 'medium')

# Get asset risk summary
summary = view.get_asset_summary('SERVER-01')

# Get highest risk assets
risky_assets = view.get_highest_risk_assets(limit=10)

# Generate asset report
print(view.generate_asset_report('SERVER-01'))
```

Configuration

Environment Variables

| Variable | Description | Required | Default |
|---|---|---|---|
| VULN_SLA_CRITICAL | SLA days for Critical | No | 7 |
| VULN_SLA_HIGH | SLA days for High | No | 30 |
| VULN_SLA_MEDIUM | SLA days for Medium | No | 90 |
| VULN_SLA_LOW | SLA days for Low | No | 180 |

Default SLAs

| Severity | Default SLA |
|---|---|
| Critical | 7 days |
| High | 30 days |
| Medium | 90 days |
| Low | 180 days |

Limitations

  • No Scanner Integration: Manual import required

  • No Auto-Discovery: Assets must be defined manually

  • Local Storage: Data stored in memory only

Troubleshooting

Invalid CVSS Score

CVSS scores must be between 0.0 and 10.0:

```python
# Valid
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', cvss_score=9.8)

# Invalid
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', cvss_score=15.0)  # Error!
```

SLA Calculation Issues

Ensure dates are in the correct format:

```python
# Correct format
tracker.assign('CVE-2024-1234', 'team', due_date='2024-02-01')

# Incorrect format
tracker.assign('CVE-2024-1234', 'team', due_date='02/01/2024')  # May fail
```
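The default SLAs, the VULN_SLA_* overrides and the date-format requirement above interact, so here is an added example (not vuln_utils code) that computes a due date and an overdue / at-risk status from them. The function names `sla_days`, `parse_date` and `sla_status` are hypothetical, and deriving the due date from the detection date is an assumption; the page only shows due dates being passed in by hand.

```python
import os
from datetime import datetime, timedelta

# Defaults from the page's "Default SLAs" table.
DEFAULT_SLA_DAYS = {"Critical": 7, "High": 30, "Medium": 90, "Low": 180}


def sla_days(severity, env=os.environ):
    """SLA in days for a severity, honouring a VULN_SLA_<SEVERITY> override."""
    if severity not in DEFAULT_SLA_DAYS:
        raise ValueError(f"unknown severity: {severity!r}")
    raw = env.get(f"VULN_SLA_{severity.upper()}")
    if raw is None:
        return DEFAULT_SLA_DAYS[severity]
    days = int(raw)  # a non-numeric override raises ValueError
    if days <= 0:
        raise ValueError(f"SLA override must be positive, got {days}")
    return days


def parse_date(text):
    """Parse a year-month-day date; '02/01/2024' raises ValueError rather than being guessed."""
    return datetime.strptime(text, "%Y-%m-%d").date()


def sla_status(severity, detected_at, today, at_risk_days=3, env=os.environ):
    """Return (due_date, status); status is 'overdue', 'at_risk' or 'on_track'."""
    due = parse_date(detected_at) + timedelta(days=sla_days(severity, env))
    remaining = (due - parse_date(today)).days
    if remaining < 0:
        return due, "overdue"
    if remaining <= at_risk_days:
        return due, "at_risk"
    return due, "on_track"


if __name__ == "__main__":
    # Constructed findings: (severity, detection date), evaluated as of 2024-02-07.
    for severity, detected in [("Critical", "2024-01-10"), ("High", "2024-01-10"),
                               ("Medium", "2024-01-10")]:
        due, status = sla_status(severity, detected, today="2024-02-07")
        print(f"{severity:8} detected {detected} due {due} -> {status}")
```

Rejecting an ambiguous date outright avoids a silent day/month swap that would move a due date by months and hide an SLA breach.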

Related Skills

  • grc: Compliance integration

  • xlsx: Data analysis and reporting

  • docx: Report generation

References

  • Detailed API Reference

  • CVSS v3.1 Specification

  • NIST NVD

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
