
scan-vulnerabilities

Imported from https://github.com/mvillmow/ProjectOdyssey.


This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.

Stars: 14
Hot score: 86
Updated: March 19, 2026
Overall rating: C (4.0)
Composite score: 4.0
Best-practice grade: A (92.0)

Install command

npx @skill-hub/cli install mvillmow-projectodyssey-scan-vulnerabilities

Repository

mvillmow/ProjectOdyssey

Skill path: .claude/skills/tier-2/scan-vulnerabilities



Best for

Primary workflow: Ship Full Stack.

Technical facets: Full Stack.

Target audience: everyone.

License: Unknown.

Original source

Catalog source: SkillHub Club.

Repository owner: mvillmow.

This is still a mirrored public skill entry. Review the repository before installing into production workflows.

What it helps with

  • Install scan-vulnerabilities into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
  • Review https://github.com/mvillmow/ProjectOdyssey before adding scan-vulnerabilities to shared team environments
  • Use scan-vulnerabilities for development workflows

Works across

Claude Code, Codex CLI, Gemini CLI, OpenCode

Favorites: 0.

Sub-skills: 0.

Aggregator: No.

Original source / Raw SKILL.md

---
name: scan-vulnerabilities
description: "Detect security vulnerabilities in code and dependencies. Use when auditing security."
mcp_fallback: none
category: security
tier: 2
---

# Scan Vulnerabilities

Systematically scan code and dependencies for security vulnerabilities: unsafe code patterns, dependencies with known CVEs, and potentially exploitable constructs.

## When to Use

- Regular security audits
- Before releasing code to production
- When updating dependencies
- In CI/CD security checks

## Quick Reference

```bash
# Python security scanning
pip install bandit safety

# Scan code for security issues
# -ll reports medium severity and above (-l reports everything, -lll high only);
# add `-f json -o bandit.json` to keep machine-readable output for triage
bandit -r . -ll

# Check for known vulnerabilities in dependencies
# (scans the packages installed in the current environment; add
# `-r requirements.txt` to scan a requirements file instead;
# `safety check` is deprecated in Safety 3.x in favor of `safety scan`)
safety check

# Advanced: SAST scanning with the community security-audit ruleset
python3 -m pip install semgrep
semgrep --config=p/security-audit --json .
```

## Workflow

1. **Scan code for issues**: Identify unsafe patterns (SQL injection, exec, hardcoded secrets)
2. **Check dependencies**: Scan for known vulnerabilities (CVEs)
3. **Review findings**: Confirm each finding is real (scanners report false positives), then assess severity and exploitability in context
4. **Prioritize fixes**: Address critical/high severity issues first
5. **Document fixes**: Record how vulnerabilities were resolved

## Output Format

Security scan report:

- Vulnerability type (SQL injection, hardcoded secret, etc.)
- Location (file, line number)
- Severity (critical/high/medium/low)
- CVSS score (if applicable)
- Vulnerable dependency version (if applicable)
- Recommended fix
- Fixed version (if dependency)
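
The workflow and report format above, as an added example that is not part of the original skill: a script that normalizes the JSON output of bandit, semgrep and safety into the report fields listed, ranks findings critical/high first (step 4), and renders the report. The JSON field names are assumptions about what `bandit -f json`, `semgrep --json` and `safety check --json` emit and should be checked against the tool versions you run; all findings in the block are constructed sample data, and the package, versions and CVE id in the dependency finding are placeholders.

```python
"""Normalize scanner JSON into the report fields above and rank by severity.

Added example, not code from ProjectOdyssey. JSON field names are assumptions
about what `bandit -f json`, `semgrep --json` and `safety check --json` emit;
every finding below is constructed sample data, not a real scan or advisory.
"""
import json

# Constructed sample shaped like `bandit -f json` (assumed field names).
BANDIT_JSON = json.dumps({"results": [
    {"filename": "app/db.py", "line_number": 42, "test_id": "B608",
     "test_name": "hardcoded_sql_expressions", "issue_severity": "MEDIUM",
     "issue_confidence": "LOW",
     "issue_text": "Possible SQL injection vector through string-based query construction."},
    {"filename": "app/settings.py", "line_number": 7, "test_id": "B105",
     "test_name": "hardcoded_password_string", "issue_severity": "LOW",
     "issue_confidence": "MEDIUM", "issue_text": "Possible hardcoded password: 'changeme'"},
]})

# Constructed sample shaped like `semgrep --json` (assumed field names).
SEMGREP_JSON = json.dumps({"results": [
    {"check_id": "python.lang.security.audit.exec-detected",
     "path": "app/plugins.py", "start": {"line": 19},
     "extra": {"severity": "ERROR", "message": "Detected the use of exec()."}},
]})

# Constructed sample shaped like `safety check --json` (assumed field names);
# package, versions and CVE id are placeholders, not a real advisory.
SAFETY_JSON = json.dumps({"vulnerabilities": [
    {"package_name": "examplepkg", "analyzed_version": "1.0.0",
     "vulnerable_spec": "<1.0.1", "fixed_versions": ["1.0.1"],
     "CVE": "CVE-0000-00000", "advisory": "Placeholder advisory text.",
     "severity": {"cvssv3": {"base_score": 9.8}}},
]})

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def cvss_to_severity(score):
    """CVSS v3 qualitative scale: 9.0+ critical, 7.0+ high, 4.0+ medium, else low.
    A missing score maps to medium so it gets reviewed instead of buried."""
    if score is None:
        return "medium"
    if score >= 9.0:
        return "critical"
    if score >= 7.0:
        return "high"
    return "medium" if score >= 4.0 else "low"


def _row(type_, location, severity, detail, fix, cvss=None, dependency=None, fixed_version=None):
    return {"type": type_, "location": location, "severity": severity, "cvss": cvss,
            "dependency": dependency, "fix": fix, "fixed_version": fixed_version, "detail": detail}


def parse_bandit(raw):
    """Bandit already uses LOW/MEDIUM/HIGH; the fix is recorded at workflow step 5."""
    return [_row(r["test_name"], f"{r['filename']}:{r['line_number']}", r["issue_severity"].lower(),
                 f"bandit {r['test_id']}: {r['issue_text']}", "TODO: decide during review")
            for r in json.loads(raw)["results"]]


def parse_semgrep(raw):
    """Semgrep rule severities are INFO/WARNING/ERROR; map them onto the report bands."""
    levels = {"ERROR": "high", "WARNING": "medium", "INFO": "low"}
    return [_row(r["check_id"].rsplit(".", 1)[-1], f"{r['path']}:{r['start']['line']}",
                 levels.get(r["extra"]["severity"], "medium"),
                 f"semgrep {r['check_id']}: {r['extra']['message']}", "TODO: decide during review")
            for r in json.loads(raw)["results"]]


def parse_safety(raw):
    """Dependency findings: severity from the CVSS v3 score, fix is the upgrade target."""
    rows = []
    for v in json.loads(raw)["vulnerabilities"]:
        score = (v.get("severity") or {}).get("cvssv3", {}).get("base_score")
        fixed = v["fixed_versions"][0] if v.get("fixed_versions") else None
        fix = f"upgrade {v['package_name']} to {fixed}" if fixed else "no fixed release; mitigate or replace"
        rows.append(_row("vulnerable dependency", f"requirements ({v['vulnerable_spec']})",
                         cvss_to_severity(score), f"{v['CVE']}: {v['advisory']}", fix, cvss=score,
                         dependency=f"{v['package_name']} {v['analyzed_version']}", fixed_version=fixed))
    return rows


def build_report(bandit_raw, semgrep_raw, safety_raw):
    """Merge all scanners and order critical/high first (workflow step 4)."""
    rows = parse_bandit(bandit_raw) + parse_semgrep(semgrep_raw) + parse_safety(safety_raw)
    rows.sort(key=lambda r: (SEVERITY_RANK[r["severity"]], r["location"]))
    return rows


def render(rows):
    """One entry per finding, in the field order the Output Format lists."""
    out = []
    for r in rows:
        out.append(f"[{r['severity'].upper()}] {r['type']} at {r['location']}")
        if r["cvss"] is not None:
            out.append(f"  CVSS {r['cvss']}  {r['dependency']}  fixed in {r['fixed_version']}")
        out.append(f"  {r['detail']}\n  fix: {r['fix']}")
    return "\n".join(out)


if __name__ == "__main__":
    print(render(build_report(BANDIT_JSON, SEMGREP_JSON, SAFETY_JSON)))
```

To use it on real output, replace the three constants with the contents of `bandit -f json -o bandit.json`, `semgrep --json -o semgrep.json .` and `safety check --json`. The `TODO` fix field for code findings is deliberate: the recommended fix is decided during review (step 3) and recorded at step 5, not guessed from a rule id.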

## References

- See CLAUDE.md > Security standards for security guidelines
- See `quality-security-scan` skill for automated CI scanning
- OWASP Top 10 for common vulnerability categories