Jeden Skill in Manus ausführen
mit einem Klick

Jeden Skill in Manus mit einem Klick ausführen

$pwd:

cve-risk-score

Name: Cve Risk Score
Author: transilienceai

// Retrieve CVE risk scores from NVD. Auto-invoked whenever a CVE ID is mentioned to display CVSS score, severity, CWE, and description.

In Manus ausführen

$ git log --oneline --stat

stars:316

forks:60

updated:29. Mai 2026 um 16:46

Datei-Explorer

2 Dateien

SKILL.md

readonly

name	cve-risk-score
description	Retrieve CVE risk scores from NVD. Auto-invoked whenever a CVE ID is mentioned to display CVSS score, severity, CWE, and description.

CVE Risk Score

Fetch and display CVE risk scores from the National Vulnerability Database (NVD) whenever a CVE ID appears in conversation.

Trigger

This skill MUST be invoked automatically whenever a CVE ID (pattern CVE-YYYY-NNNNN) is mentioned by the user or discovered during research/scanning. Do not wait for explicit invocation.

Workflow

Extract CVE IDs from the user's message or tool output (regex: CVE-\d{4}-\d{4,})

Run the lookup script:

python3 tools/nvd-lookup.py CVE-XXXX-XXXXX [CVE-YYYY-YYYYY ...]

Present the results in a concise table format:

CVE ID Score Severity CWE Description
CVE-XXXX-XXXXX 9.8 CRITICAL CWE-79 ...
Continue with the user's original task — the score lookup is supplementary context, not a blocking step.

Output Format

When presenting CVE risk scores inline, use this compact format:

CVE-2024-12345: 9.8 CRITICAL (CWE-79) — Remote code execution via ...

For multiple CVEs, use a markdown table.

Rules

Always invoke — every CVE ID mentioned triggers a lookup. No exceptions.
Non-blocking — fetch scores in parallel with other work when possible.
Accurate data only — display exactly what NVD returns. Never estimate or fabricate scores.
Graceful degradation — if NVD is unreachable or the CVE has no score yet, say so explicitly (e.g., "Not yet scored by NVD").
Rate limiting — the script handles rate limits internally. For bulk lookups (5+), warn that NVD throttles unauthenticated requests.
API key — if NVD_API_KEY is set in .env, the script uses it for higher rate limits.

Integration

This skill complements other skills:

cve-poc-generator: After seeing the risk score, the user may want a full PoC and report
reconnaissance / source-code-scanning: When these skills discover CVEs in dependencies, auto-lookup their scores
coordination: CVE scores inform priority and severity classification in findings

related-skills.json

gleiches Repository

api-security.md

from "transilienceai/communitytools"

API security testing - GraphQL, REST API, WebSocket, and Web-LLM attack techniques.

2026-05-29316

attack-path-stitcher.md

from "transilienceai/communitytools"

Stitches confirmed single-asset findings into multi-hop attack paths across the organization. Builds a graph where nodes are assets and edges are confirmed exploit hops citing the findings that enable them.

2026-05-29316

authentication.md

from "transilienceai/communitytools"

Authentication security testing - auth bypass, JWT attacks, OAuth flaws, password attacks, 2FA bypass, CAPTCHA bypass, and bot detection evasion.

2026-05-29316

cloud-containers.md

from "transilienceai/communitytools"

Cloud and container security testing - AWS, Azure, GCP, Docker, and Kubernetes misconfigurations and exploitation.

2026-05-29316

coordination.md

from "transilienceai/communitytools"

Pentest coordination — orchestrates executor and validator agents with context-controlled spawning. Entry point for all engagements.

2026-05-29316

cryptography.md

from "transilienceai/communitytools"

Cryptanalysis techniques — lattice attacks, padding oracles, weak-RNG exploitation, signature forgery, secret-sharing recovery.

2026-05-29316

package.json

"author": "transilienceai"

"repository": "transilienceai/communitytools"

GitHub-Repository öffnen Creator-Repositorys ansehen

$ install --global

$ download --local

In Manus ausführen

$ useful --forSOC

InformationssicherheitsanalystenInformatik- und Mathematikberufe15-1212L4

CVE Risk Score

Fetch and display CVE risk scores from the National Vulnerability Database (NVD) whenever a CVE ID appears in conversation.

Trigger

This skill MUST be invoked automatically whenever a CVE ID (pattern CVE-YYYY-NNNNN) is mentioned by the user or discovered during research/scanning. Do not wait for explicit invocation.

Workflow

Extract CVE IDs from the user's message or tool output (regex: CVE-\d{4}-\d{4,})

Run the lookup script:

python3 tools/nvd-lookup.py CVE-XXXX-XXXXX [CVE-YYYY-YYYYY ...]

Present the results in a concise table format:

CVE ID	Score	Severity	CWE	Description
CVE-XXXX-XXXXX	9.8	CRITICAL	CWE-79	...

Continue with the user's original task — the score lookup is supplementary context, not a blocking step.

Output Format

When presenting CVE risk scores inline, use this compact format:

CVE-2024-12345: 9.8 CRITICAL (CWE-79) — Remote code execution via ...

For multiple CVEs, use a markdown table.

Rules

Always invoke — every CVE ID mentioned triggers a lookup. No exceptions.

Non-blocking — fetch scores in parallel with other work when possible.

Accurate data only — display exactly what NVD returns. Never estimate or fabricate scores.

Graceful degradation — if NVD is unreachable or the CVE has no score yet, say so explicitly (e.g., "Not yet scored by NVD").

Rate limiting — the script handles rate limits internally. For bulk lookups (5+), warn that NVD throttles unauthenticated requests.

API key — if NVD_API_KEY is set in .env, the script uses it for higher rate limits.

Integration

This skill complements other skills:

cve-poc-generator: After seeing the risk score, the user may want a full PoC and report

reconnaissance / source-code-scanning: When these skills discover CVEs in dependencies, auto-lookup their scores

coordination: CVE scores inform priority and severity classification in findings

cve-risk-score

CVE Risk Score

Trigger

Workflow

Output Format

Rules

Integration

Mehr aus diesem Repository

Mehr aus diesem Repository

CVE Risk Score

Trigger

Workflow

Output Format

Rules

Integration