fix-github-vulnerabilities
CommunityAuto-patch Dependabot alerts in GitHub repos.
Authortianhuil
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill automates the end-to-end process of identifying and patching open Dependabot alerts in a GitHub repository, reducing manual remediation time by detecting vulnerable dependencies, updating them to patched versions using the repo's native package manager, and generating a commit with fixes.
Core Features & Use Cases
- Fetch open Dependabot alerts across ecosystems and group them by project and language
- Update vulnerable dependencies to at least the patched versions, aligned with repository tooling
- Run available tests to verify updates and push fixes or propose a pull request when needed
- Support security remediation workflows for typical open-source and private repositories
Quick Start
Run the fix-github-vulnerabilities skill on your repository to automatically fetch open Dependabot alerts, update vulnerable dependencies, and push fixes.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: fix-github-vulnerabilities Download link: https://github.com/tianhuil/dotfiles/archive/main.zip#fix-github-vulnerabilities Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.