Skip to main content
Generaldavepoon

dashboard

View all tracked vulnerabilities and their current status

Stars
2,987
Source
davepoon/buildwithclaude
Updated
2026-05-26
Slug
davepoon--buildwithclaude--dashboard
View on GitHubRaw SKILL.md

// install — copy + paste into any project

mkdir -p .claude/skills && curl -fsSL https://raw.githubusercontent.com/davepoon/buildwithclaude/HEAD/plugins/vulnetix/skills/dashboard/SKILL.md -o .claude/skills/dashboard.md

Drops the SKILL.md into .claude/skills/dashboard.md. Works with Claude Code, Cursor, and any agent that loads SKILL.md files from .claude/skills/.

Vulnetix Vulnerability Dashboard

This skill reads .vulnetix/memory.yaml and displays a comprehensive vulnerability status report. It is read-only and does not modify any files.

Workflow

Step 1: Load Memory

  1. Use Glob to check if .vulnetix/memory.yaml exists in the repo root
  2. If it does not exist, display: "No vulnerability data found. Run /vulnetix:vuln <package> or /vulnetix:exploits-search to start tracking." and stop.
  3. Use Read to load the full contents of .vulnetix/memory.yaml

Step 2: Parse and Categorize

From the vulnerabilities: section, categorize each entry:

Open (unresolved):

  • status: affected -- "Vulnerable"
  • status: under_investigation -- "Investigating"

Resolved:

  • status: fixed -- "Fixed"
  • status: not_affected -- "Not affected"
  • Entries with decision.choice: risk-accepted -- "Risk accepted"
  • Entries with decision.choice: deferred -- "Deferred"

From the manifests: section, collect manifest tracking info.

Step 3: Display Summary Header

Vulnetix Security Dashboard
============================
Open: <N> (<X> vulnerable, <Y> investigating)
Resolved: <N> (<X> fixed, <Y> not affected, <Z> risk-accepted, <W> deferred)
Manifests tracked: <N> (last scan: <timestamp>)

If there are zero vulnerabilities and zero manifests, display: "Clean slate -- no vulnerabilities tracked yet."

Step 4: Open Vulnerabilities Table

If there are open vulnerabilities, display them sorted by CWSS priority (P1 first), then by severity:

Open Vulnerabilities
--------------------
| ID | Package | Severity | Status | Priority | Decision |
|----|---------|----------|--------|----------|----------|
| CVE-2021-44228 | log4j-core | critical | Vulnerable | P1 (87.5) | investigating |
| GHSA-xxxx-yyyy | express | high | Investigating | P2 (62.0) | investigating |

For each column:

  • ID: Primary vulnerability key
  • Package: package field
  • Severity: severity field
  • Status: Developer-friendly status (see VEX mapping above)
  • Priority: cwss.priority and cwss.score if available, otherwise "--"
  • Decision: decision.choice if available, otherwise "--"

Step 5: Resolved Vulnerabilities Table

If there are resolved vulnerabilities, display them:

Resolved Vulnerabilities
------------------------
| ID | Package | Severity | Resolution | Decision | Date |
|----|---------|----------|------------|----------|------|
| CVE-2023-1234 | lodash | high | Fixed | fix-applied | 2024-01-15 |

For the Date column, use the most recent history entry timestamp, or discovery.date as fallback.

Step 6: Manifest Tracking

If manifests are tracked, display:

Tracked Manifests
-----------------
| Manifest | Ecosystem | Last Scanned | Vulns Found |
|----------|-----------|--------------|-------------|
| package.json | npm | 2024-01-15T10:30:00Z | 3 |
| go.mod | go | 2024-01-15T10:31:00Z | 0 |

Step 7: Suggested Actions

For each open vulnerability (up to 5), suggest a next action based on its state:

  • Has no threat_model or cwss: "/vulnetix:exploits <id>" -- get exploit analysis and priority scoring
  • Has cwss but no fix applied: "/vulnetix:fix <id>" -- get fix intelligence
  • General: "/vulnetix:remediation <id>" -- get a full remediation plan

If there are more than 5 open vulns, add: "Use /vulnetix:exploits-search to find exploited vulnerabilities across your ecosystem."

Always end with: "Use /vulnetix:vuln <id> for detailed info on any vulnerability."