remediation-library

Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.

6 stars

Best use case

remediation-library is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using remediation-library should expect more consistent output, faster repeated execution, and less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$ curl -o ~/.claude/skills/remediation-library/SKILL.md --create-dirs "https://raw.githubusercontent.com/Zate/cc-plugins/main/plugins/security/skills/remediation-library/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/remediation-library/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How remediation-library Compares

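| Feature / Agent | remediation-library | Standard Approach |
|-----------------|---------------------|-------------------|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |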

Frequently Asked Questions

What does this skill do?

Index of security remediation skills. Routes to specialized skills for injection, cryptography, authentication, and configuration vulnerabilities.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Remediation Library

This skill is an index to modular remediation guides. Use the specialized skills below for focused remediation guidance.

## When to Use This Skill

- **Finding the right remediation skill** - Use this index to route to the appropriate specialized skill
- **Overview of available fixes** - Quick reference of what's available

## When NOT to Use This Skill

- **Detecting vulnerabilities** - Use vulnerability-patterns skill
- **Specific remediation** - Use the specialized skills directly (faster)

---

## Specialized Remediation Skills

### `remediation-injection`
**Covers**: SQL Injection, Command Injection, XSS
**CWEs**: CWE-89, CWE-78, CWE-79
**Use when**: Fixing injection vulnerabilities, code review feedback

### `remediation-crypto`
**Covers**: Weak Cryptography, Insecure Randomness, TLS Issues
**CWEs**: CWE-327, CWE-330, CWE-295
**Use when**: Fixing crypto vulnerabilities, upgrading algorithms

### `remediation-auth`
**Covers**: Hardcoded Credentials, JWT Security, Deserialization, Access Control
**CWEs**: CWE-798, CWE-347, CWE-502, CWE-862
**Use when**: Fixing auth issues, secrets management, authorization

### `remediation-config`
**Covers**: Path Traversal, Debug Mode, Security Headers
**CWEs**: CWE-22, CWE-489, CWE-693
**Use when**: Fixing deployment issues, hardening configuration

---

## Quick Routing Guide

| Vulnerability Type | Skill to Use |
|-------------------|--------------|
| SQL Injection | `remediation-injection` |
| Command Injection | `remediation-injection` |
| XSS | `remediation-injection` |
| Weak hashing (MD5/SHA1) | `remediation-crypto` |
| Insecure randomness | `remediation-crypto` |
| TLS disabled | `remediation-crypto` |
| Hardcoded secrets | `remediation-auth` |
| JWT issues | `remediation-auth` |
| Unsafe deserialization | `remediation-auth` |
| Missing access control | `remediation-auth` |
| Path traversal | `remediation-config` |
| Debug in production | `remediation-config` |
| Missing headers | `remediation-config` |

---

## OWASP Mapping

| OWASP 2021 | Primary Skill |
|------------|---------------|
| A01 Broken Access Control | `remediation-auth` |
| A02 Cryptographic Failures | `remediation-crypto` |
| A03 Injection | `remediation-injection` |
| A04 Insecure Design | Multiple |
| A05 Security Misconfiguration | `remediation-config` |
| A06 Vulnerable Components | N/A |
| A07 Auth Failures | `remediation-auth` |
| A08 Data Integrity Failures | `remediation-auth` |
| A09 Logging Failures | `remediation-config` |
| A10 SSRF | `remediation-injection` |

---

## See Also

- `vulnerability-patterns` - Detection patterns
- `asvs-requirements` - ASVS compliance mapping
- `audit-report` - Report formatting

Related Skills

remediation-injection

6
from Zate/cc-plugins

Security fix patterns for injection vulnerabilities (SQL, Command, XSS). Provides language-specific code examples showing vulnerable and secure implementations.

remediation-crypto

6
from Zate/cc-plugins

Security fix patterns for cryptographic vulnerabilities (weak algorithms, insecure randomness, TLS issues). Provides language-specific secure implementations.

remediation-config

6
from Zate/cc-plugins

Security fix patterns for configuration and deployment vulnerabilities (path traversal, debug mode, security headers). Provides language-specific secure implementations.

remediation-auth

6
from Zate/cc-plugins

Security fix patterns for authentication and authorization vulnerabilities (credentials, JWT, deserialization, access control). Provides language-specific secure implementations.

Example Skill

6
from Zate/cc-plugins

Brief description of what this skill does and the domain expertise it provides.

vulnerability-patterns

6
from Zate/cc-plugins

Index of vulnerability detection pattern skills. Routes to core patterns (universal) and language-specific patterns for security scanning.

vuln-patterns-languages

6
from Zate/cc-plugins

Language-specific vulnerability detection patterns for JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. Provides regex patterns and grep commands for common security vulnerabilities.

vuln-patterns-core

6
from Zate/cc-plugins

Universal vulnerability detection patterns applicable across all programming languages. Includes hardcoded secrets, SQL/command injection, path traversal, and configuration file patterns.

scan

6
from Zate/cc-plugins

Run a security assessment using deterministic static analysis tools with LLM-powered triage

results

6
from Zate/cc-plugins

View the most recent security scan results without re-running the scan

fix

6
from Zate/cc-plugins

Fix or guide remediation for a specific security finding from the latest scan report

baseline

6
from Zate/cc-plugins

Create or update the project security baseline, profile, suppressions file, and gitignore entries for security scans