Agent Skill: cve-scan
Scan all project dependencies for known CVEs and security vulnerabilities
Author: geomar | 2/7/2026
Install: npx skills add geomar-od-lagrange/2024_hex_dashboard
SKILL.md

---
name: cve-scan
description: Scan all project dependencies for known CVEs and security vulnerabilities
---
# CVE Vulnerability Scanner

Scan project dependencies for known CVEs.

## Discovery

First, find all dependency manifests:

```sh
find . -name "package.json" -o -name "pyproject.toml" -o -name "Cargo.toml" -o -name "go.mod" | grep -v node_modules
```

Note that Cargo.toml and go.mod are discovered here, but the scanning steps below only cover Node.js and Python manifests.
## Scanning

### Node.js (package.json)

Ensure npm is available (install via pixi in /tmp if needed). Then for each directory with package.json:

```sh
npm audit --prefix <dir>
```

### Python (pyproject.toml with pixi)

```sh
cd <dir> && pixi run pip install pip-audit -q && pixi run pip-audit
```

### Python (requirements.txt or pyproject.toml without pixi)

```sh
pip-audit -r requirements.txt
# or
pip-audit
```
## Output

Report findings as a table:

| Package | Severity | Advisory | Fix |
|---|---|---|---|

If security/cve-scan.md exists, append timestamped results.
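The Output step above, as an added example that is not part of the skill: a Python script that normalizes `npm audit --json` and `pip-audit --format json` output into the four-column table and appends a timestamped section to security/cve-scan.md only when that file already exists. The sample JSON is constructed, and the two tools' JSON shapes (npm 7+ `vulnerabilities`/`via`/`fixAvailable`, pip-audit `dependencies`/`vulns`) are assumed from memory rather than taken from this page.

```python
import json
from datetime import datetime, timezone
from pathlib import Path
# Constructed sample output, not real scan results; JSON shapes are an assumption, check against your own tool output.
NPM_SAMPLE = json.dumps({"vulnerabilities": {
    "lodash": {"severity": "high",
               "via": [{"title": "Prototype Pollution", "url": "https://example.invalid/advisory/PLACEHOLDER"}],
               "fixAvailable": {"name": "lodash", "version": "4.17.21", "isSemVerMajor": False}},
    "vite": {"severity": "moderate", "via": ["esbuild"], "fixAvailable": False}}})
PIP_SAMPLE = json.dumps({"dependencies": [
    {"name": "requests", "version": "2.25.0",
     "vulns": [{"id": "PYSEC-PLACEHOLDER", "aliases": ["CVE-PLACEHOLDER"], "fix_versions": ["2.31.0"]}]},
    {"name": "numpy", "version": "1.26.0", "vulns": []}]})

def rows_from_npm(raw):
    """npm keys findings by package; `via` mixes advisory dicts with names of packages it is reached through."""
    rows = []
    for name, v in json.loads(raw).get("vulnerabilities", {}).items():
        direct = [x for x in v.get("via", []) if isinstance(x, dict)]
        advisory = ((direct[0].get("url") or direct[0].get("title", "?")) if direct
                    else "transitive via " + ", ".join(x for x in v["via"] if isinstance(x, str)))
        fix = v.get("fixAvailable")  # False, True, or a dict naming the package to upgrade
        fix_txt = (f"{fix['name']}@{fix['version']}" if isinstance(fix, dict)
                   else "npm audit fix" if fix else "none")
        rows.append((name, v.get("severity", "?"), advisory, fix_txt))
    return rows

def rows_from_pip_audit(raw):
    rows = []
    for dep in json.loads(raw).get("dependencies", []):
        for vuln in dep.get("vulns", []):
            cves = [a for a in vuln.get("aliases", []) if a.startswith("CVE-")]  # prefer CVE over PYSEC id
            fixes = vuln.get("fix_versions") or []
            fix_txt = f"{dep['name']}>={fixes[0]}" if fixes else "none"
            rows.append((dep["name"], "n/a", cves[0] if cves else vuln["id"], fix_txt))  # pip-audit gives no severity
    return rows

def render_table(rows):
    lines = ["| Package | Severity | Advisory | Fix |", "|---|---|---|---|"]
    return "\n".join(lines + [f"| {p} | {s} | {a} | {f} |" for p, s, a, f in rows])

def append_report(rows, path="security/cve-scan.md"):
    p = Path(path)
    if not p.exists():  # the skill only appends when the report already exists
        return False
    stamp = datetime.now(timezone.utc).strftime("%Y-%m-%d %H:%M UTC")
    with p.open("a", encoding="utf-8") as fh:
        fh.write(f"\n## CVE scan {stamp}\n\n{render_table(rows)}\n")
    return True
```

Feed it the real tool output with `npm audit --json --prefix <dir>` and `pixi run pip-audit --format json`, then pass the combined rows to `append_report`.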
## Fixing

- Node.js: `npm audit fix` (use `--force` only if user approves)
- Python/pixi: `pixi update` or add a version constraint to pyproject.toml
## Verification

After applying fixes, verify the app still works:

- Start the app: `docker compose up -d`
- Wait for healthy status: `docker compose ps`
- Test frontend: `curl -s http://localhost:5173/ | head -5`
- Test API: `curl -s "http://localhost:5173/api/connectivity?depth=05m&time_range=00d-07d&start_id=100" | head -c 200`

Only commit fixes after verification passes. Update security/cve-scan.md with verification status.