Vuln Scanner
Audits trending GitHub repositories for security vulnerabilities and submits fixes through pull requests.
Install this skill
or
0/100
Security score
The Vuln Scanner skill was audited on May 30, 2026 and we found 8 security issues across 2 threat categories, including 1 critical. Review the findings below before installing.
Categories Tested
Security Issues
high line 10
Template literal with variable interpolation in command context
SourceSKILL.md
| 10 | If `${var}` is set, audit that specific repo. Otherwise auto-select. |
high line 18
Template literal with variable interpolation in command context
SourceSKILL.md
| 18 | If `${var}` is set, use that repo directly. |
high line 139
Template literal with variable interpolation in command context
SourceSKILL.md
| 139 | 8. **Write a report.** Save to `articles/vuln-scan-${today}.md`: |
medium line 140
Template literal with variable interpolation in command context
SourceSKILL.md
| 140 | ```markdown |
high line 160
Template literal with variable interpolation in command context
SourceSKILL.md
| 160 | 10. **Log.** Append to `memory/logs/${today}.md`. |
critical line 49
Access to /etc/passwd
SourceSKILL.md
| 49 | - Path traversal: user input in file paths without sanitization (`../../../etc/passwd`) |
high line 49
Path traversal to sensitive directory
SourceSKILL.md
| 49 | - Path traversal: user input in file paths without sanitization (`../../../etc/passwd`) |
low line 86
Access to .env file
SourceSKILL.md
| 86 | grep -rn "password\|secret\|api_key\|private_key" --include="*.env*" --include="*.json" --include="*.yml" --include="*.yaml" . | grep -v node_modules | grep -v "\.example" |
Scanned on May 30, 2026
View Security Dashboard