CVE Remediation

Q: What is a Claude Code skill and how does the CVE Remediation skill fit in?

A Claude Code skill is a SKILL.md file that lives under ~/.claude/skills/<name>/ and tells the Claude Code CLI agent how to perform a specific task (instructions, prompts, allowed tools). Skills are auto-discovered at session start. CVE Remediation is one of 67,000+ skills indexed in the open ClaudSkills catalog, classified under the Security category. Learn more at https://claudskills.com/learn/what-is-skill-md/.

Category: Security · Sub-category: appsec-tools · Last updated: 2026-06-13

Remediate dependency vulnerability scanner failures by verifying live package registry data and upgrading instead of suppressing. Use when an SCA / CVE tool fails or files an alert: npm audit, pnpm audit, yarn audit, pip-audit, safety, Snyk, Dependabot, Trivy, Grype, OSV-Scanner, audit-ci, cargo audit, govulncheck, bundler-audit, Renovate, or any CI step reporting a CVE / GHSA / OSV advisory. The first action is ALWAYS to look up the latest published version on the live registry — training data is months stale and almost never knows the current version. Suppression, ignore, or allowlist entries are the absolute last resort, only after upgrade and override paths are proven unavailable; surrounding GitHub issues and justification docs do not by themselves count as remediation. Do NOT use for vulnerabilities in your own application code (use security skill), general linter or type checker bypasses (use max-quality-no-shortcuts skill), or unrelated CI failures (use ci-debugging skill).

About this skill (catalog notes)

CVE Remediation includes worked examples; pricing or quota commentary; 5 code blocks for direct copy-paste. The SKILL.md runs to about 1,304 words, in the catalog's typical mid-range.

License: MIT
Original author: Geoffe-Ga
Indexed lastmod: 2026-06-13
Catalog position: Security · appsec-tools
Indexed related skills: 10

How CVE Remediation fits the catalog

CVE Remediation sits in the Security category under the appsec-tools sub-topic in the ClaudSkills catalog. There are 10 related skills indexed alongside it; comparing a few before installing usually reveals which fits your workflow best.

These notes are auto-generated from features detected in the SKILL.md file and from this catalog's structure — they aren't part of the source repository.

From the source SKILL.md

A dependency vulnerability scanner just failed. The fix is almost always a version bump — but you must look up the current version on the live registry, because your training data is months out of date and the version you remember is probably not the latest.

What this skill does

CVE Remediation is a community-contributed Claude Code skill in the appsec-tools sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/cve-remediation/ and loads when your prompt matches the skill's trigger.

When to invoke it: Use when an SCA / CVE tool fails or files an alert: npm audit, pnpm audit, yarn audit, pip-audit, safety, Snyk, Dependabot, Trivy, Grype, OSV-Scanner, audit-ci, cargo audit, govulncheck, bundler-audit, Renovate, or any CI step reporting a CVE / GHSA / OSV advisory. The first action is ALWAYS to look up the latest published version on the live registry — training data is months stale and almost never knows the current version.

Who uses this skill

The CVE Remediation Claude Code skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 120,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/cve-remediation
curl -L https://claudskills.com/skills/cve-remediation/SKILL.md \
  -o ~/.claude/skills/cve-remediation/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/cve-remediation/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/cve-remediation/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\cve-remediation\SKILL.md on Windows. See the full install guide for step-by-step instructions.

📱 Install from your phone or desktop Telegram

Open @claudskills_bot on Telegram, tap Open Desktop App, and the desktop app installs this skill for you. Or share the bot link with a colleague — they get the same one-tap install. Learn more →

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

Pro

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

See pricing → Download desktop app

Frequently asked questions

How do I install the CVE Remediation Claude Code skill?

Install via the ClaudSkills desktop app (one click) or copy SKILL.md from the source repository to ~/.claude/skills/cve-remediation/SKILL.md and restart Claude Code. Both flows are detailed at claudskills.com/install/.

What does the CVE Remediation skill do?

Is this skill free to install?

Yes. ClaudSkills is an open registry — every skill keeps its source repository's license, and manual install via copy is free. ClaudSkills Pro ($9/mo, $79/yr, or $149 one-time) adds one-click install via the desktop app and a multi-signal Quality Score.

When should I use the CVE Remediation skill?

Use CVE Remediation when your Claude Code task falls under the Security category — specifically in the appsec tools area. Claude Code auto-discovers installed skills and invokes the right one based on the task description, so you can also ask Claude directly (e.g. "use CVE Remediation" or describe the task and let Claude pick). Browse related skills at /category/security/.

What is a Claude Code skill and how does the CVE Remediation skill fit in?

A Claude Code skill is a SKILL.md file that lives under ~/.claude/skills/<name>/ and tells the Claude Code CLI agent how to perform a specific task (instructions, prompts, allowed tools). Skills are auto-discovered at session start. CVE Remediation is one of 67,000+ skills indexed in the open ClaudSkills catalog, classified under the Security category. Learn more at /learn/what-is-a-claude-skill/.

Attribution & license

Source: https://github.com/Geoffe-Ga/start_green_stay_green/blob/7c3ee184036dc2f3ee803d2eccf33b4c714e7ca7/.claude/skills/cve-remediation/SKILL.md
License: MIT
Author: Geoffe-Ga

Cite this skill

If you reference this skill in a blog post, paper, or documentation, you can cite it as:

APA

Geoffe-Ga. (2026). CVE Remediation [Claude Code skill]. ClaudSkills. https://claudskills.com/skills/cve-remediation/

BibTeX

@misc{cve-remediation-2026,
  author    = {Geoffe-Ga},
  title     = {CVE Remediation [Claude Code skill]},
  year      = {2026},
  publisher = {ClaudSkills},
  url       = {https://claudskills.com/skills/cve-remediation/}
}

Embed this skill

Promote, attribute, or link this skill from your own README, blog post, or documentation. All three snippets are free to use — no sign-up, no API key. More distribution surfaces →

Badge

[![ClaudSkills](https://claudskills.com/badge/cve-remediation.svg)](https://claudskills.com/skills/cve-remediation/?utm_source=badge&utm_medium=readme&utm_campaign=skill_badge)

More Security skills

Browse all Security skills in the ClaudSkills registry, or explore these other picks from the same category:

Browse all Security skills → Top 100 skills

Part of ClaudSkills — the open registry for Claude Skills & Claude Code Skills. · What's New · Install guide · About · llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: PerfectStudio · Ucaption · UTagger · AutoXPoster · TestYourSkills · AutomationFlows · Au Naturel · Telegram @acreatorstore