AgentHubAgentHub

security-audit

SkillSkillsMP

io.github.mono/SkiaSharp/security-audit · vmain

Audit SkiaSharp's native dependencies for security vulnerabilities and CVEs, including Component Governance (CG) alerts from the SkiaSharp-Native and SkiaSharp Azure DevOps pipelines. Read-only investigation that produces a status report with recommendations. Use when user asks to: - Audit security issues or CVEs - Check CVE status across dependencies - Find security-related issues and their PR coverage - Get an overview of open vulnerabilities - See what security work is pending - Check Component Governance alerts - Review CG alerts from the native build pipeline Triggers: "security audit", "audit CVEs", "CVE status", "what security issues are open", "check vulnerability status", "security overview", "what CVEs need fixing", "CG alerts", "component governance", "check container CVEs". This skill is READ-ONLY. To actually fix issues, use the `native-dependency-update` skill.

在 SkillsMP 查看源仓库

概览

security-audit 是一个Agent Skill,收录自 SkillsMP。本页提供 Cursor、Claude Code 等客户端的安装配置片段。

Agent Skill 是带 SKILL.md 的指令包。安装后,AI 会根据 description 在匹配任务时自动加载,无需每次手动粘贴提示词。

安装

选择你的平台查看安装方式

# 通用 CLI(Cursor / Claude Code / Codex 等均支持)
npx skills add mono/SkiaSharp@security-audit

使用方式

安装完成后,在对话中直接描述你的任务(或提及技能名称)。Agent 会先读取 SKILL.md 的 description 判断是否启用,再按其中的步骤执行。可用 /skills(Claude Code)或在设置中查看已加载的 Skills。

相关资源

统一 Manifest

{
  "id": "io.github.mono/SkiaSharp/security-audit",
  "type": "skill",
  "version": "main",
  "displayName": "security-audit",
  "description": "Audit SkiaSharp's native dependencies for security vulnerabilities and CVEs, including Component Governance (CG) alerts from the SkiaSharp-Native and SkiaSharp Azure DevOps pipelines. Read-only investigation that produces a status report with recommendations.\nUse when user asks to: - Audit security issues or CVEs - Check CVE status across dependencies - Find security-related issues and their PR coverage - Get an overview of open vulnerabilities - See what security work is pending - Check Component Governance alerts - Review CG alerts from the native build pipeline\nTriggers: \"security audit\", \"audit CVEs\", \"CVE status\", \"what security issues are open\", \"check vulnerability status\", \"security overview\", \"what CVEs need fixing\", \"CG alerts\", \"component governance\", \"check container CVEs\".\nThis skill is READ-ONLY. To actually fix issues, use the `native-dependency-update` skill.",
  "author": {
    "name": "mono",
    "url": "https://github.com/mono"
  },
  "repository": {
    "url": "https://github.com/mono/SkiaSharp",
    "source": "github",
    "subfolder": ".agents/skills/security-audit"
  },
  "homepage": "https://skillsmp.com/skills/mono-skiasharp-agents-skills-security-audit-skill-md",
  "distribution": {
    "packages": [
      {
        "registryType": "source",
        "identifier": "mono/SkiaSharp@security-audit",
        "version": "main",
        "runtimeHint": "npx skills add"
      }
    ],
    "remotes": []
  },
  "dependencies": [],
  "installTargets": [
    "claude-code",
    "claude-desktop",
    "cursor",
    "codex",
    "vscode"
  ],
  "keywords": [
    "stars:5432"
  ],
  "provenance": {
    "origin": "skillsmp",
    "originalId": "mono-skiasharp-agents-skills-security-audit-skill-md",
    "originalUrl": "https://skillsmp.com/skills/mono-skiasharp-agents-skills-security-audit-skill-md",
    "isOfficial": false,
    "status": "active"
  }
}
security-audit — Agent Skill 安装与配置 · AgentHub