بنقرة واحدة
vulnerability-triage
Prioritize and explain security vulnerabilities found by Kai scans with research context
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Prioritize and explain security vulnerabilities found by Kai scans with research context
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Inspect and analyze codebases using pygount for LOC counting, language breakdown, and code-vs-comment ratios. Use when asked to check lines of code, repo size, language composition, or codebase stats.
Set up GitHub authentication for the agent using git (universally available) or the gh CLI. Covers HTTPS tokens, SSH keys, credential helpers, and gh auth — with a detection flow to pick the right method automatically.
Production-grade PR review with execution-verified suggestions. Reads repository conventions, history, and security surfaces before reviewing. For every suggested fix, attempts to compile and test it in the sandbox — the comment includes proof. Modelled on GitHub Copilot's agentic architecture with one critical advantage: the sandbox is already running.
Create, manage, triage, and close GitHub issues. Search existing issues, add labels, assign people, and link to PRs. Works with gh CLI or falls back to git + GitHub REST API via curl.
Open and manage GitHub pull requests through Kai MCP tools — propose changes, monitor CI, iterate on failures, and merge. No git tokens are shared to the sandbox; every GitHub operation goes through the backend via the workspace's GitHub App installation.
Clone, create, fork, configure, and manage GitHub repositories. Manage remotes, secrets, releases, and workflows. Works with gh CLI or falls back to git + GitHub REST API via curl.
| name | vulnerability-triage |
| description | Prioritize and explain security vulnerabilities found by Kai scans with research context |
| version | 1.0.0 |
| author | kai-agent |
| metadata | {"kai":{"tags":["kai","security","triage","vulnerabilities","research"]}} |
Analyze, prioritize, and contextualize security vulnerabilities discovered by Kai.
After a security scan completes with findings. This skill goes beyond just listing vulnerabilities, it explains WHY each matters and what the real-world impact could be.
list_vulnerabilities(executionId) → get all findings
For each finding:
get_vulnerability_details(executionId, exploitId)
Group findings into:
For each significant vulnerability:
Search for CVE parallels: Use web_search to find similar CVEs
Find real-world impact examples: Search for breaches caused by similar vulnerabilities
Check framework-specific guidance: Look for official security documentation
CVSS scoring context: Explain the CVSS vector if provided
For each finding, output: