Triage pull request security risks with staged threat modeling and investigation using VulnVibes
Analyze a GitHub pull request for security impact, run targeted vulnerability-investigation skills when Stage 1 finds credible threats, and return a structured verdict instead of doing an ad hoc manual review.
Prerequisites
GitHub token, Anthropic API key, access to the target GitHub pull request
Installation
Use the upstream install or setup path that matches your environment:
- pip install -e .
- git clone https://github.com/anshumanbh/vulnvibes.git
- pip install -e ".[dev]"
Requirements and caveats from upstream:
- 💻 CLI + Python API: Use from command line or programmatically
Basic usage or getting-started notes:
1. Set Up Credentials
   export GITHUB_TOKEN="ghp_your_token_here"
Extracted from upstream docs: https://raw.githubusercontent.com/anshumanbh/vulnvibes/HEAD/README.md
Quality
deterministic score 0.45 from registry signals: indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,232 chars)