{"id":"61a827a0-be5e-47e6-bb59-c0fb905ce04c","shortId":"uxEaau","kind":"skill","title":"Vulnerability Scanner","tagline":"Antigravity Awesome Skills skill by Sickn33","description":"# Vulnerability Scanner\n\n> Think like an attacker, defend like an expert. 2025 threat landscape awareness.\n\n## 🔧 Runtime Scripts\n\n**Execute for automated validation:**\n\n| Script | Purpose | Usage |\n|--------|---------|-------|\n| `scripts/security_scan.py` | Validate security principles applied | `python scripts/security_scan.py <project_path>` |\n\n## 📋 Reference Files\n\n| File | Purpose |\n|------|---------|\n| [checklists.md](checklists.md) | OWASP Top 10, Auth, API, Data protection checklists |\n\n---\n\n## 1. Security Expert Mindset\n\n### Core Principles\n\n| Principle | Application |\n|-----------|-------------|\n| **Assume Breach** | Design as if attacker already inside |\n| **Zero Trust** | Never trust, always verify |\n| **Defense in Depth** | Multiple layers, no single point |\n| **Least Privilege** | Minimum required access only |\n| **Fail Secure** | On error, deny access |\n\n### Threat Modeling Questions\n\nBefore scanning, ask:\n1. What are we protecting? (Assets)\n2. Who would attack? (Threat actors)\n3. How would they attack? (Attack vectors)\n4. What's the impact? (Business risk)\n\n---\n\n## 2. OWASP Top 10:2025\n\n### Risk Categories\n\n| Rank | Category | Think About |\n|------|----------|-------------|\n| **A01** | Broken Access Control | Who can access what? 
IDOR, SSRF |\n| **A02** | Security Misconfiguration | Defaults, headers, exposed services |\n| **A03** | Software Supply Chain 🆕 | Dependencies, CI/CD, build integrity |\n| **A04** | Cryptographic Failures | Weak crypto, exposed secrets |\n| **A05** | Injection | User input → system commands |\n| **A06** | Insecure Design | Flawed architecture |\n| **A07** | Authentication Failures | Session, credential management |\n| **A08** | Integrity Failures | Unsigned updates, tampered data |\n| **A09** | Logging & Alerting | Blind spots, no monitoring |\n| **A10** | Exceptional Conditions 🆕 | Error handling, fail-open states |\n\n### 2025 Key Changes\n\n```\n2021 → 2025 Shifts:\n├── SSRF merged into A01 (Access Control)\n├── A02 elevated (Cloud/Container configs)\n├── A03 NEW: Supply Chain (major focus)\n├── A10 NEW: Exceptional Conditions\n└── Focus shift: Root causes > Symptoms\n```\n\n---\n\n## 3. Supply Chain Security (A03)\n\n### Attack Surface\n\n| Vector | Risk | Question to Ask |\n|--------|------|-----------------|\n| **Dependencies** | Malicious packages | Do we audit new deps? |\n| **Lock files** | Integrity attacks | Are they committed? |\n| **Build pipeline** | CI/CD compromise | Who can modify? |\n| **Registry** | Typosquatting | Verified sources? |\n\n### Defense Principles\n\n- Verify package integrity (checksums)\n- Pin versions, audit updates\n- Use private registries for critical deps\n- Sign and verify artifacts\n\n---\n\n## 4. Attack Surface Mapping\n\n### What to Map\n\n| Category | Elements |\n|----------|----------|\n| **Entry Points** | APIs, forms, file uploads |\n| **Data Flows** | Input → Process → Output |\n| **Trust Boundaries** | Where auth/authz checked |\n| **Assets** | Secrets, PII, business data |\n\n### Prioritization Matrix\n\n```\nRisk = Likelihood × Impact\n\nHigh Impact + High Likelihood → CRITICAL\nHigh Impact + Low Likelihood  → HIGH\nLow Impact + High Likelihood  → MEDIUM\nLow Impact + Low Likelihood   → LOW\n```\n\n---\n\n## 5. 
Risk Prioritization\n\n### CVSS + Context\n\n| Factor | Weight | Question |\n|--------|--------|----------|\n| **CVSS Score** | Base severity | How severe is the vuln? |\n| **EPSS Score** | Exploit likelihood | Is it being exploited? |\n| **Asset Value** | Business context | What's at risk? |\n| **Exposure** | Attack surface | Internet-facing? |\n\n### Prioritization Decision Tree\n\n```\nIs it actively exploited (EPSS >0.5)?\n├── YES → CRITICAL: Immediate action\n└── NO → Check CVSS\n         ├── CVSS ≥9.0 → HIGH\n         ├── CVSS 7.0-8.9 → Consider asset value\n         └── CVSS <7.0 → Schedule for later\n```\n\n---\n\n## 6. Exceptional Conditions (A10 - New)\n\n### Fail-Open vs Fail-Closed\n\n| Scenario | Fail-Open (BAD) | Fail-Closed (GOOD) |\n|----------|-----------------|---------------------|\n| Auth error | Allow access | Deny access |\n| Parsing fails | Accept input | Reject input |\n| Timeout | Retry forever | Limit + abort |\n\n### What to Check\n\n- Exception handlers that catch-all and ignore\n- Missing error handling on security operations\n- Race conditions in auth/authz\n- Resource exhaustion scenarios\n\n---\n\n## 7. Scanning Methodology\n\n### Phase-Based Approach\n\n```\n1. RECONNAISSANCE\n   └── Understand the target\n       ├── Technology stack\n       ├── Entry points\n       └── Data flows\n\n2. DISCOVERY\n   └── Identify potential issues\n       ├── Configuration review\n       ├── Dependency analysis\n       └── Code pattern search\n\n3. ANALYSIS\n   └── Validate and prioritize\n       ├── False positive elimination\n       ├── Risk scoring\n       └── Attack chain mapping\n\n4. REPORTING\n   └── Actionable findings\n       ├── Clear reproduction steps\n       ├── Business impact\n       └── Remediation guidance\n```\n\n---\n\n## 8. 
Code Pattern Analysis\n\n### High-Risk Patterns\n\n| Pattern | Risk | Look For |\n|---------|------|----------|\n| **String concat in queries** | Injection | `\"SELECT * FROM \" + user_input` |\n| **Dynamic code execution** | RCE | `eval()`, `exec()`, `Function()` |\n| **Unsafe deserialization** | RCE | `pickle.loads()`, `unserialize()` |\n| **Path manipulation** | Traversal | User input in file paths |\n| **Disabled security** | Various | `verify=False`, `--insecure` |\n\n### Secret Patterns\n\n| Type | Indicators |\n|------|-----------|\n| API Keys | `api_key`, `apikey`, high entropy |\n| Tokens | `token`, `bearer`, `jwt` |\n| Credentials | `password`, `secret`, `key` |\n| Cloud | `AWS_`, `AZURE_`, `GCP_` prefixes |\n\n---\n\n## 9. Cloud Security Considerations\n\n### Shared Responsibility\n\n| Layer | You Own | Provider Owns |\n|-------|---------|---------------|\n| Data | ✅ | ❌ |\n| Application | ✅ | ❌ |\n| OS/Runtime | Depends | Depends |\n| Infrastructure | ❌ | ✅ |\n\n### Cloud-Specific Checks\n\n- IAM: Least privilege applied?\n- Storage: Public buckets?\n- Network: Security groups tightened?\n- Secrets: Using secrets manager?\n\n---\n\n## 10. Anti-Patterns\n\n| ❌ Don't | ✅ Do |\n|----------|-------|\n| Scan without understanding | Map attack surface first |\n| Alert on every CVE | Prioritize by exploitability + asset |\n| Ignore false positives | Maintain verified baseline |\n| Fix symptoms only | Address root causes |\n| Scan once before deploy | Continuous scanning |\n| Trust third-party deps blindly | Verify integrity, audit code |\n\n---\n\n## 11. Reporting Principles\n\n### Finding Structure\n\nEach finding should answer:\n1. **What?** - Clear vulnerability description\n2. **Where?** - Exact location (file, line, endpoint)\n3. **Why?** - Root cause explanation\n4. **Impact?** - Business consequence\n5. 
**How to fix?** - Specific remediation\n\n### Severity Classification\n\n| Severity | Criteria |\n|----------|----------|\n| **Critical** | RCE, auth bypass, mass data exposure |\n| **High** | Data exposure, privilege escalation |\n| **Medium** | Limited scope, requires conditions |\n| **Low** | Informational, best practice |\n\n---\n\n> **Remember:** Vulnerability scanning finds issues. Expert thinking prioritizes what matters. Always ask: \"What would an attacker do with this?\"\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.\n\n## Limitations\n- Use this skill only when the task clearly matches the scope described above.\n- Do not treat the output as a substitute for environment-specific validation, testing, or expert review.\n- Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.","tags":["vulnerability","scanner","antigravity","awesome","skills","sickn33"],"capabilities":["skill","source-sickn33","category-antigravity-awesome-skills"],"categories":["antigravity-awesome-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/vulnerability-scanner","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"install_from":"skills.sh"}},"qualityScore":"0.300","qualityRationale":"deterministic score 0.30 from registry signals: · indexed on skills.sh · published under sickn33/antigravity-awesome-skills","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill:v1","enrichmentVersion":1,"enrichedAt":"2026-04-25T08:40:52.036Z","embedding":null,"createdAt":"2026-04-18T20:38:09.377Z","updatedAt":"2026-04-25T08:40:52.036Z","lastSeenAt":"2026-04-25T08:40:52.036Z","prices":[{"id":"6dbae8c2-3956-46db-a5e8-51ac0b0ce607","listingId":"61a827a0-be5e-47e6-bb59-c0fb905ce04c","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"sickn33","category":"antigravity-awesome-skills","install_from":"skills.sh"},"createdAt":"2026-04-18T20:38:09.377Z"}],"sources":[{"listingId":"61a827a0-be5e-47e6-bb59-c0fb905ce04c","source":"github","sourceId":"sickn33/antigravity-awesome-skills/vulnerability-scanner","sourceUrl":"https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/vulnerability-scanner","isPrimary":false,"firstSeenAt":"2026-04-18T21:47:20.770Z","lastSeenAt":"2026-04-25T06:52:16.992Z"},{"listingId":"61a827a0-be5e-47e6-bb59-c0fb905ce04c","source":"skills_sh","sourceId":"sickn33/antigravity-awesome-skills/vulnerability-scanner","sourceUrl":"https://skills.sh/sickn33/antigravity-awesome-skills/vulnerability-scanner","isPrimary":true,"firstSeenAt":"2026-04-18T20:38:09.377Z","lastSeenAt":"2026-04-25T08:40:52.036Z"}],"details":{"listingId":"61a827a0-be5e-47e6-bb59-c0fb905ce04c","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"sickn33","slug":"vulnerability-scanner","source":"skills_sh","category":"antigravity-awesome-skills","skills_sh_url":"https://skills.sh/sickn33/antigravity-awesome-skills/vulnerability-scanner"},"updatedAt":"2026-04-25T08:40:52.036Z"}}