xenitV1

vulnerability-scanner

@xenitV1/vulnerability-scanner
79
15 forks
Updated 1/6/2026

Vulnerability scanning principles. DAST, SAST, SCA selection and integration.

Installation

$skills install @xenitV1/vulnerability-scanner

Details

Path: skills/vulnerability-scanner/SKILL.md
Branch: main
Scoped Name: @xenitV1/vulnerability-scanner

Usage

After installing, this skill will be available to your AI coding assistant.

Verify installation:

skills list

Skill Instructions


name: vulnerability-scanner
description: Vulnerability scanning principles. DAST, SAST, SCA selection and integration.

Vulnerability Scanner

Scanning tool selection and integration principles.


1. Scanner Type Selection

Decision Tree

What are you scanning?
│
├── Running application
│   └── DAST (Dynamic)
│
├── Source code
│   └── SAST (Static)
│
├── Dependencies
│   └── SCA (Composition)
│
├── Container images
│   └── Container scanners
│
└── Infrastructure
    └── Network scanners

Comparison

| Type | Scans | Finds | Stage |
|---|---|---|---|
| DAST | Running app | Runtime issues | Pre-prod |
| SAST | Source code | Code patterns | Development |
| SCA | Dependencies | Known CVEs | Build |
| Network | Infrastructure | Misconfigs | Any time |

2. Tool Selection Principles

DAST Tools

| Scenario | Tool Type |
|---|---|
| Web apps | Web vulnerability scanners |
| APIs | API-aware scanners |
| Authenticated | Session-aware scanners |

SAST Tools

| Scenario | Tool Type |
|---|---|
| Multi-language | Universal scanners |
| Single language | Language-specific |
| Custom rules | Rule-based scanners |

SCA Tools

| Scenario | Tool Type |
|---|---|
| npm/yarn | Package auditors |
| Containers | Image scanners |
| Full SBOM | Comprehensive SCA |

3. CI/CD Integration Principles

Pipeline Stages

| Stage | Scan Type |
|---|---|
| Commit | SAST (fast) |
| Build | SCA |
| Deploy to staging | DAST |
| Pre-production | Full scan |

Gate Criteria

| Severity | Action |
|---|---|
| Critical | Block deployment |
| High | Review required |
| Medium | Log and track |
| Low | Informational |

4. False Positive Management

Triage Workflow

  1. Auto-filter known false positives
  2. Context check - is code reachable?
  3. Manual verify - is it exploitable?
  4. Document - mark with reason

Baseline Approach

  • Create baseline of known issues
  • Only alert on new findings
  • Review baseline periodically
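The gate criteria and baseline approach above come together in one small CI step: fingerprint each finding, split the run into new / already-baselined / documented-suppressed findings, and let only the new ones drive the gate decision. The following is an added example written for this page, not code from the xenitV1/vulnerability-scanner skill; the finding shape, the fingerprint scheme and the sample findings are constructed, and a real scanner's output (SARIF, JSON, etc.) would be normalised into that shape first.

```python
# Added example (not part of the xenitV1/vulnerability-scanner skill): a
# gate + baseline triage step for a CI pipeline. Findings, baseline and
# suppressions are constructed inline so the script runs offline.
from dataclasses import dataclass
import hashlib

# Gate criteria from the skill: severity -> action for a *new* finding.
GATE_ACTIONS = {
    "critical": "block",   # block deployment
    "high": "review",      # review required
    "medium": "log",       # log and track
    "low": "info",         # informational
}


@dataclass(frozen=True)
class Finding:
    rule_id: str      # scanner rule id or CVE id (constructed values below)
    location: str     # file path or package, stable across runs
    severity: str     # critical / high / medium / low

    def fingerprint(self) -> str:
        # Stable identity for baseline matching. Line numbers and message
        # text are deliberately excluded so unrelated edits do not turn a
        # known finding into a "new" one.
        raw = f"{self.rule_id}|{self.location}".encode()
        return hashlib.sha256(raw).hexdigest()[:16]


def triage(findings, baseline, suppressions):
    """Split findings into new / known / suppressed and decide the gate.

    baseline:     set of fingerprints already tracked (alerted on only
                  during periodic baseline review, not per run)
    suppressions: dict fingerprint -> documented reason (false positive,
                  unreachable code, accepted risk)
    """
    new, known, suppressed = [], [], []
    for f in findings:
        fp = f.fingerprint()
        if fp in suppressions:
            suppressed.append((f, suppressions[fp]))
        elif fp in baseline:
            known.append(f)
        else:
            new.append(f)
    # Only new findings can block or demand review.
    actions = {GATE_ACTIONS[f.severity] for f in new}
    if "block" in actions:
        decision = "block"
    elif "review" in actions:
        decision = "review"
    else:
        decision = "pass"
    return {"decision": decision, "new": new, "known": known, "suppressed": suppressed}


# Constructed sample output of one scan run (ids are placeholders).
SAMPLE_FINDINGS = [
    Finding("CVE-PLACEHOLDER-0001", "pkg:npm/example-lib@1.0.0", "critical"),
    Finding("sql-injection", "src/db/query.py", "high"),
    Finding("hardcoded-secret", "tests/fixtures/fake_key.py", "high"),
    Finding("weak-hash", "src/legacy/checksum.py", "medium"),
]
# Baseline and suppressions as they would be committed alongside the code.
SAMPLE_BASELINE = {Finding("weak-hash", "src/legacy/checksum.py", "medium").fingerprint()}
SAMPLE_SUPPRESSIONS = {
    Finding("hardcoded-secret", "tests/fixtures/fake_key.py", "high").fingerprint():
        "false positive: test fixture, not a real credential",
}


def run_sample():
    return triage(SAMPLE_FINDINGS, SAMPLE_BASELINE, SAMPLE_SUPPRESSIONS)


if __name__ == "__main__":
    result = run_sample()
    print("gate decision:", result["decision"])
    for f in result["new"]:
        print(f"  NEW        {f.severity:8} {f.rule_id} @ {f.location} -> {GATE_ACTIONS[f.severity]}")
    for f in result["known"]:
        print(f"  BASELINE   {f.severity:8} {f.rule_id} @ {f.location}")
    for f, reason in result["suppressed"]:
        print(f"  SUPPRESSED {f.severity:8} {f.rule_id} @ {f.location} ({reason})")
```

On the sample run the critical dependency finding and the new SQL injection finding are the only ones that count, so the gate blocks; the medium finding stays in the baseline and the test-fixture secret is reported with its documented reason rather than silently dropped.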

5. Vulnerability Prioritization

CVSS + Context

| Factor | Consideration |
|---|---|
| CVSS score | Base severity |
| Exploitability | EPSS score |
| Asset criticality | Business impact |
| Exposure | Internet-facing? |

Priority Formula

Priority = CVSS × Exploitability × Asset_Value
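The formula above is worth seeing applied to a few findings, because it reorders them differently from CVSS alone. This is an added example for this page, not code from the skill: Exploitability is taken as the EPSS probability (0 to 1), and Asset_Value is an assumed weighting built from the two context factors in the table (business criticality and exposure); the weight scales and the sample findings are constructed.

```python
# Added example (not part of the xenitV1/vulnerability-scanner skill):
#   Priority = CVSS x Exploitability x Asset_Value
# Exploitability = EPSS probability (constructed values here; in practice
# taken from the EPSS feed). Asset_Value = assumed weights for criticality
# and exposure, the two context factors from the skill's table.

CRITICALITY_WEIGHT = {"low": 1.0, "medium": 2.0, "high": 3.0}   # assumed scale
EXPOSURE_WEIGHT = {"internal": 1.0, "internet": 2.0}            # assumed scale


def asset_value(criticality, exposure):
    """Assumed Asset_Value: business criticality times exposure weight."""
    return CRITICALITY_WEIGHT[criticality] * EXPOSURE_WEIGHT[exposure]


def priority(cvss, epss, criticality, exposure):
    """Priority = CVSS x Exploitability x Asset_Value, with input range checks."""
    if not 0.0 <= cvss <= 10.0:
        raise ValueError("CVSS base score must be in 0..10")
    if not 0.0 <= epss <= 1.0:
        raise ValueError("EPSS is a probability in 0..1")
    return round(cvss * epss * asset_value(criticality, exposure), 3)


def rank(findings):
    """Return findings sorted by descending priority, each with its score attached."""
    scored = [
        dict(f, priority=priority(f["cvss"], f["epss"], f["criticality"], f["exposure"]))
        for f in findings
    ]
    return sorted(scored, key=lambda f: f["priority"], reverse=True)


# Constructed sample findings: A and D have the highest CVSS, but A is an
# internal low-value asset with a low EPSS and D has an EPSS of 1%.
SAMPLE_FINDINGS = [
    {"id": "A", "cvss": 9.8, "epss": 0.02, "criticality": "low",  "exposure": "internal"},
    {"id": "B", "cvss": 7.5, "epss": 0.90, "criticality": "high", "exposure": "internet"},
    {"id": "C", "cvss": 5.3, "epss": 0.40, "criticality": "high", "exposure": "internet"},
    {"id": "D", "cvss": 9.1, "epss": 0.01, "criticality": "high", "exposure": "internet"},
]


def ranked_ids(findings=SAMPLE_FINDINGS):
    return [f["id"] for f in rank(findings)]


if __name__ == "__main__":
    for f in rank(SAMPLE_FINDINGS):
        print(f"{f['id']}  cvss={f['cvss']:<4} epss={f['epss']:<5} "
              f"asset={asset_value(f['criticality'], f['exposure']):<4} priority={f['priority']}")
```

Sorted by CVSS the order would be A, D, B, C; the formula ranks B and C (internet-facing, high-value, actively exploited) first and pushes the two high-CVSS but low-EPSS findings to the bottom, which is the point of combining CVSS with context rather than gating on CVSS alone.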

6. Reporting Principles

Report Components

| Component | Content |
|---|---|
| Summary | Counts by severity |
| Findings | Details per vulnerability |
| Trends | Change over time |
| Remediation | Fix recommendations |

Metrics to Track

  • Vulnerabilities by severity
  • Mean time to remediate
  • False positive rate
  • Coverage percentage

7. Anti-Patterns

| ❌ Don't | ✅ Do |
|---|---|
| Scan only in CI | Scan in multiple stages |
| Alert on everything | Prioritize by risk |
| Ignore false positives | Maintain baseline |
| Scan without context | Consider asset value |

Remember: Scanning finds issues. Prioritization makes them actionable.