跳转到主要内容
此内容尚未提供您的语言版本,正在以英文显示。

Vulnetix

插件 已验证 活跃

Vulnerability intelligence and remediation skills for Claude Code — 7 skills for exploit analysis, fix proposals, scoring, exploits, and package security via the Vulnetix VDB API

7 个 Skill 0 个 MCP
目的

To empower users with actionable vulnerability intelligence and remediation guidance directly within Claude Code, enhancing security posture and streamlining the vulnerability management workflow.

功能

  • Vulnerability lookup and details
  • Exploit intelligence analysis
  • Package security risk assessment
  • Context-aware remediation planning
  • Repository impact analysis

使用场景

  • Assessing the risk of a known CVE in your project.
  • Discovering actively exploited vulnerabilities relevant to your technology stack.
  • Evaluating the security of a new dependency before adding it.
  • Generating a comprehensive remediation plan for a critical vulnerability.

非目标

  • Automatically applying fixes without user confirmation.
  • Performing actual exploit execution or security testing.
  • Replacing manual security review processes entirely.

工作流

  1. Load vulnerability memory and repository context.
  2. Fetch vulnerability/exploit/package data from Vulnetix VDB.
  3. Analyze repository impact (dependencies, code patterns, OS/container context).
  4. Present structured findings (summary, exploit details, fix options).
  5. Update vulnerability memory with new findings and analysis.
  6. Provide actionable next steps for remediation or further investigation.

实践

  • Vulnerability Management
  • Security Analysis
  • Code Quality
  • Developer Productivity

先决条件

  • Network access to Vulnetix VDB API
  • Internet access for external API calls
  • Optional: gh CLI for enhanced GitHub security integration

安装

/plugin install vulnetix@davepoon-buildwithclaude

包含 7 个扩展

Skill (7)

Dashboard 技能

View all tracked vulnerabilities and their current status

Exploits 技能

Analyze exploit intelligence for a vulnerability against the current repository

Exploits Search 技能

Search for exploits across all vulnerabilities with filtering by ecosystem, severity, source, and EPSS

Fix 技能

Get fix intelligence for a vulnerability and propose concrete remediation for the current repository

Package Search 技能

Search for packages and assess security risk before adding as dependencies

Remediation 技能

Get a context-aware remediation plan for a vulnerability with fix verification steps

Vuln 技能

Look up a vulnerability by ID or list all vulnerabilities for a package

质量评分

已验证
98 /100
1 day ago 分析

信任信号

最近提交6 days ago
GitHub 所有者 davepoon (opens in new tab)
星标2.9k
许可证Apache-2.0
网站buildwithclaude.com(opens in new tab)
状态
查看源代码

类似扩展

Microsoft Learn MCP 服务器

100

访问 Microsoft 官方文档、API 参考和代码示例,涵盖 Azure、.NET、Windows 等。

插件
MicrosoftDocs

Ruflo Security Audit

99

Security review, dependency scanning, policy gates, and CVE monitoring

插件
ruvnet

Socraticode

98

代码智能 — SocratiCode 的语义搜索工作流、依赖图分析和上下文伪影探索

插件
giancarloerra

Variant Analysis

79

Find similar vulnerabilities and bugs across codebases using pattern-based analysis

插件
trailofbits

Ruflo Intelligence

78

User-facing surface for Ruflo's self-learning system: 6 neural_* + 10 hooks_intelligence_* + 9 routing/meta hooks + 4 SONA/MicroLoRA tools (29 total). Implements the 4-step pipeline (RETRIEVE → JUDGE → DISTILL → CONSOLIDATE) and IPFS-based cross-project pattern transfer.

插件
ruvnet

Differential Review

78

Security-focused differential review of code changes with git history analysis and blast radius estimation

插件
trailofbits