Agent skill
vulnerability-management
Vulnerability assessment, tracking, and remediation management. Process scan results, prioritize findings, and track remediation progress. Use for vulnerability management programs and security assessments.
Install this agent skill to your Project
npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/vulnerability-management
Metadata
Additional technical details for this skill
- author: SherifEldeeb
- version: 1.0.0
- category: cybersecurity
SKILL.md
Vulnerability Management Skill
Manage the complete vulnerability lifecycle from discovery to remediation with scan processing, risk prioritization, and tracking capabilities.
Capabilities
- Scan Processing: Parse vulnerability scan results (Nessus, Qualys, generic CSV)
- Risk Prioritization: Score and prioritize vulnerabilities by risk
- Remediation Tracking: Track remediation progress with SLAs
- Exception Management: Document risk acceptances and exceptions
- Reporting: Generate executive and technical vulnerability reports
- Metrics: Track vulnerability management KPIs
Quick Start
```python
from vuln_utils import VulnerabilityScanner, RemediationTracker, VulnMetrics

# Process scan results
scanner = VulnerabilityScanner()
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', 'Remote code execution')
scanner.add_finding('CVE-2024-5678', 'High', 'SERVER-02', 'SQL injection')

# Track remediation
tracker = RemediationTracker()
tracker.add_vulnerability('CVE-2024-1234', 'Critical', 'SERVER-01')
tracker.assign('CVE-2024-1234', 'admin-team', due_date='2024-02-01')
tracker.mark_remediated('CVE-2024-1234', 'Patched')

# Generate report
print(scanner.generate_report())
```
Usage
Scan Processing
Parse and normalize vulnerability scan results.
Example:
```python
from vuln_utils import VulnerabilityScanner

scanner = VulnerabilityScanner()

# Add findings manually
scanner.add_finding(
    cve_id='CVE-2024-1234',
    severity='Critical',
    affected_host='SERVER-01',
    description='Remote code execution in Apache',
    cvss_score=9.8,
    solution='Update to version 2.4.55'
)
scanner.add_finding(
    cve_id='CVE-2024-5678',
    severity='High',
    affected_host='SERVER-02',
    description='SQL injection vulnerability',
    cvss_score=8.2,
    solution='Apply security patch KB12345'
)

# Parse from CSV
scanner.import_csv('scan_results.csv')

# Parse Nessus CSV export
scanner.import_nessus_csv('nessus_export.csv')

# Get summary
print(scanner.get_summary())

# Filter by severity
critical = scanner.get_by_severity('Critical')
high = scanner.get_by_severity('High')

# Get unique CVEs
cves = scanner.get_unique_cves()

# Generate report
print(scanner.generate_report())
print(scanner.generate_executive_summary())
```
Risk Prioritization
Prioritize vulnerabilities based on multiple risk factors.
Example:
```python
from vuln_utils import RiskPrioritizer

prioritizer = RiskPrioritizer()

# Add vulnerabilities with context
prioritizer.add_vulnerability(
    cve_id='CVE-2024-1234',
    cvss_score=9.8,
    affected_host='SERVER-01',
    asset_criticality='high',
    exploit_available=True,
    internet_facing=True
)
prioritizer.add_vulnerability(
    cve_id='CVE-2024-5678',
    cvss_score=8.2,
    affected_host='SERVER-02',
    asset_criticality='medium',
    exploit_available=False,
    internet_facing=False
)

# Calculate risk scores
prioritizer.calculate_risk_scores()

# Get prioritized list
prioritized = prioritizer.get_prioritized_list()
for vuln in prioritized:
    print(f"{vuln['cve_id']}: Risk Score {vuln['risk_score']}")

# Get top N by risk
top_10 = prioritizer.get_top_n(10)

# Generate risk report
print(prioritizer.generate_risk_report())
```
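An added example, not code from vuln_utils or the original page: one way the factors passed to `add_vulnerability` can be combined into a single score, so that context can outrank raw CVSS. The weights and the `risk_score` and `prioritize` helpers are assumptions chosen for illustration; the range check follows the 0.0 to 10.0 rule for CVSS scores.

```python
# Illustrative weights (assumptions, not the formula vuln_utils uses).
CRITICALITY_WEIGHT = {"low": 0.5, "medium": 1.0, "high": 1.5}
EXPLOIT_WEIGHT = 1.5     # a working exploit is available
EXPOSURE_WEIGHT = 1.25   # the asset is reachable from the internet


def risk_score(cvss_score, asset_criticality, exploit_available, internet_facing):
    """Scale a CVSS base score by asset and threat context (unbounded scale)."""
    if isinstance(cvss_score, bool) or not isinstance(cvss_score, (int, float)):
        raise TypeError("cvss_score must be a number")
    if not 0.0 <= cvss_score <= 10.0:
        raise ValueError(f"CVSS score out of range 0.0-10.0: {cvss_score}")
    try:
        weight = CRITICALITY_WEIGHT[asset_criticality.lower()]
    except KeyError:
        raise ValueError(f"unknown asset criticality: {asset_criticality!r}") from None
    if exploit_available:
        weight *= EXPLOIT_WEIGHT
    if internet_facing:
        weight *= EXPOSURE_WEIGHT
    return round(cvss_score * weight, 2)


def prioritize(vulns):
    """Return copies of the findings sorted by risk score, then CVSS, then ID."""
    scored = [dict(v, risk_score=risk_score(v["cvss_score"], v["asset_criticality"],
                                            v["exploit_available"], v["internet_facing"]))
              for v in vulns]
    return sorted(scored, key=lambda v: (-v["risk_score"], -v["cvss_score"], v["cve_id"]))


# Constructed sample data using the page's field names; CVE IDs are placeholders.
SAMPLE = [
    {"cve_id": "CVE-0000-0001", "cvss_score": 9.8, "affected_host": "LAB-DB",
     "asset_criticality": "low", "exploit_available": False, "internet_facing": False},
    {"cve_id": "CVE-0000-0002", "cvss_score": 7.5, "affected_host": "WEB-01",
     "asset_criticality": "high", "exploit_available": True, "internet_facing": True},
    {"cve_id": "CVE-0000-0003", "cvss_score": 8.2, "affected_host": "APP-02",
     "asset_criticality": "medium", "exploit_available": False, "internet_facing": False},
]

if __name__ == "__main__":
    for v in prioritize(SAMPLE):
        print(f"{v['cve_id']}: Risk Score {v['risk_score']}")
```

In the sample, the CVSS 7.5 finding on the exposed, high-criticality host ranks above the CVSS 9.8 finding on the isolated low-criticality host.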
Remediation Tracking
Track vulnerability remediation progress.
Example:
```python
from vuln_utils import RemediationTracker

tracker = RemediationTracker()

# Add vulnerabilities to track
tracker.add_vulnerability(
    cve_id='CVE-2024-1234',
    severity='Critical',
    affected_host='SERVER-01',
    sla_days=7  # Critical = 7 days
)
tracker.add_vulnerability(
    cve_id='CVE-2024-5678',
    severity='High',
    affected_host='SERVER-02',
    sla_days=30  # High = 30 days
)

# Assign to teams
tracker.assign('CVE-2024-1234', 'infrastructure-team', due_date='2024-02-01')
tracker.assign('CVE-2024-5678', 'application-team', due_date='2024-02-15')

# Update status
tracker.update_status('CVE-2024-1234', 'in_progress', notes='Patch scheduled for maintenance window')

# Mark as remediated
tracker.mark_remediated('CVE-2024-1234', method='Patched to version 2.4.55')

# Check SLA compliance
overdue = tracker.get_overdue()
at_risk = tracker.get_at_risk(days=3)  # Due within 3 days

# Generate status report
print(tracker.generate_status_report())
```
Exception Management
Document risk acceptances and exceptions.
Example:
```python
from vuln_utils import ExceptionManager

exceptions = ExceptionManager()

# Create exception request
exceptions.create_exception(
    cve_id='CVE-2024-9999',
    affected_host='LEGACY-SERVER',
    reason='System scheduled for decommission in 90 days',
    compensating_controls='Network isolated, enhanced monitoring',
    requested_by='john.smith',
    expiration_date='2024-04-15'
)

# Approve exception
exceptions.approve_exception(
    cve_id='CVE-2024-9999',
    approved_by='security.manager',
    notes='Approved with condition of weekly review'
)

# Check for expired exceptions
expired = exceptions.get_expired()

# Generate exception report
print(exceptions.generate_report())
```
Vulnerability Metrics
Track vulnerability management KPIs.
Example:
```python
from vuln_utils import VulnMetrics

metrics = VulnMetrics()

# Add historical data
metrics.add_scan_result({
    'date': '2024-01-15',
    'critical': 5,
    'high': 20,
    'medium': 50,
    'low': 100
})
metrics.add_remediation_record({
    'cve_id': 'CVE-2024-1234',
    'severity': 'Critical',
    'detected_at': '2024-01-10',
    'remediated_at': '2024-01-15'
})

# Calculate metrics
print(f"MTTR (Critical): {metrics.calculate_mttr('Critical'):.1f} days")
print(f"SLA Compliance: {metrics.calculate_sla_compliance():.1f}%")
print(f"Remediation Rate: {metrics.calculate_remediation_rate():.1f}%")

# Get trending data
trend = metrics.get_vulnerability_trend(days=90)

# Generate metrics report
print(metrics.generate_report())
```
Asset-Based Views
View vulnerabilities by asset.
Example:
```python
from vuln_utils import AssetVulnerabilityView

view = AssetVulnerabilityView()

# Add asset vulnerability data
view.add_asset_vulnerability('SERVER-01', 'CVE-2024-1234', 'Critical')
view.add_asset_vulnerability('SERVER-01', 'CVE-2024-5678', 'High')
view.add_asset_vulnerability('SERVER-02', 'CVE-2024-9999', 'Medium')

# Set asset metadata
view.set_asset_criticality('SERVER-01', 'high')
view.set_asset_criticality('SERVER-02', 'medium')

# Get asset risk summary
summary = view.get_asset_summary('SERVER-01')

# Get highest risk assets
risky_assets = view.get_highest_risk_assets(limit=10)

# Generate asset report
print(view.generate_asset_report('SERVER-01'))
```
Configuration
Environment Variables
| Variable | Description | Required | Default |
|---|---|---|---|
| VULN_SLA_CRITICAL | SLA days for Critical | No | 7 |
| VULN_SLA_HIGH | SLA days for High | No | 30 |
| VULN_SLA_MEDIUM | SLA days for Medium | No | 90 |
| VULN_SLA_LOW | SLA days for Low | No | 180 |
Default SLAs
| Severity | Default SLA |
|---|---|
| Critical | 7 days |
| High | 30 days |
| Medium | 90 days |
| Low | 180 days |
Limitations
- No Scanner Integration: Manual import required
- No Auto-Discovery: Assets must be defined manually
- Local Storage: Data stored in memory only
Troubleshooting
Invalid CVSS Score
CVSS scores must be between 0.0 and 10.0:
```python
# Valid
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', cvss_score=9.8)

# Invalid
scanner.add_finding('CVE-2024-1234', 'Critical', 'SERVER-01', cvss_score=15.0)  # Error!
```
SLA Calculation Issues
Ensure dates are in the correct format:

```python
# Correct format
tracker.assign('CVE-2024-1234', 'team', due_date='2024-02-01')

# Incorrect format
tracker.assign('CVE-2024-1234', 'team', due_date='02/01/2024')  # May fail
```
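An added example, not code from vuln_utils or the original page, tying together the `VULN_SLA_*` variables, the Default SLAs table and the date-format rule above. The helper names are hypothetical, and it assumes the due date is the detection date plus the SLA window and that "at risk" means due within `at_risk_days`.

```python
import os
from datetime import datetime, timedelta

# Defaults from the "Default SLAs" table; VULN_SLA_<SEVERITY> overrides them.
DEFAULT_SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}


def sla_days(severity, env=None):
    """Return the SLA window in days, honouring a VULN_SLA_* override."""
    env = os.environ if env is None else env
    key = severity.strip().lower()
    if key not in DEFAULT_SLA_DAYS:
        raise ValueError(f"unknown severity: {severity!r}")
    raw = env.get(f"VULN_SLA_{key.upper()}")
    if raw is None:
        return DEFAULT_SLA_DAYS[key]
    days = int(raw)  # a non-numeric override raises ValueError
    if days <= 0:
        raise ValueError(f"VULN_SLA_{key.upper()} must be positive: {raw!r}")
    return days


def parse_day(text):
    """Parse YYYY-MM-DD; anything else (e.g. '02/01/2024') raises ValueError."""
    return datetime.strptime(text, "%Y-%m-%d").date()


def sla_status(severity, detected_at, today, remediated_at=None,
               at_risk_days=3, env=None):
    """Classify one finding; assumes due date = detection date + SLA days."""
    due = parse_day(detected_at) + timedelta(days=sla_days(severity, env))
    if remediated_at is not None:
        late = parse_day(remediated_at) > due
        return due.isoformat(), "remediated_late" if late else "remediated_in_sla"
    days_left = (due - parse_day(today)).days
    if days_left < 0:
        return due.isoformat(), "overdue"
    if days_left <= at_risk_days:
        return due.isoformat(), "at_risk"
    return due.isoformat(), "on_track"


if __name__ == "__main__":
    # Constructed sample findings (not real scan data).
    for sev, detected in [("Critical", "2024-01-10"), ("High", "2024-01-10")]:
        print(sev, sla_status(sev, detected, today="2024-01-18"))
```

Rejecting ambiguous dates at parse time keeps a value like `02/01/2024` from being silently read as either 1 February or 2 January and shifting an SLA deadline.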
Related Skills
- grc: Compliance integration
- xlsx: Data analysis and reporting
- docx: Report generation
References
- Detailed API Reference
- CVSS v3.1 Specification
- NIST NVD