Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkills / Security / appsec-tools

Security CVE Allocate

Category: Security  ·  Sub-category: appsec-tools  ·  Last updated:
Walk a security team member through allocating a CVE for an <tracker> tracking issue. Prints the ASF Vulnogram allocation URL and a CVE-ready title (the issue title stripped of redundant `<vendor>: <product>:` (e.g. `Apache Airflow:`), `[ Security Report ]`, trailing version parens and similar noise), waits for the allocated CVE ID (allocation is PMC-gated — non-PMC triagers relay to a PMC member), and then updates the tracker in place: fills in the *CVE tool link* field, adds the `cve allocated` label, posts a collapsed status-change comment, and runs `generate-cve-json --attach` to embed the paste-ready JSON in the body. Finishes by handing off to the `security-issue-sync` skill to reconcile the rest of the tracker (milestone, assignee, reporter drafts, fix-PR state) now that the CVE landing is complete.

From the source SKILL.md

<!-- Placeholder convention (see AGENTS.md#placeholder-convention-used-in-skill-files): <project-config> → adopting project's .apache-steward/ directory <tracker> → value of tracker_repo: in <project-config>/project.md (example: airflow-s/airflow-s for the Apache Airflow security team) <upstream> → value of upstream_repo: in <project-config>/project.md (example: apache/airflow) Before running any bash command below, substitute these with the concrete values from the adopting project's <project-config>/project.md. -->

What this skill does

Security CVE Allocate is a community-contributed Claude Code skill in the appsec-tools sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/security-cve-allocate/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The Security CVE Allocate Claude Code skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 69,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/security-cve-allocate
curl -L https://claudskills.com/skills/security-cve-allocate/SKILL.md \
  -o ~/.claude/skills/security-cve-allocate/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/security-cve-allocate/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/security-cve-allocate/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\security-cve-allocate\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

Pro

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

See pricing → Download desktop app

Attribution & license

More Security skills

Browse all Security skills in the ClaudSkills registry, or explore these other picks from the same category:

Browse all Security skills → Top 100 skills
Part of ClaudSkills — the open registry for Claude Skills & Claude Code Skills.  ·  What's New  ·  Install guide  ·  About  ·  llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: PerfectStudio · Ucaption · UTagger · AutoXPoster · TestYourSkills · AutomationFlows · Au Naturel

Categories

Use cases

Popular tags

Learn

Site