import-security-issue-from-pr
OfficialTurn public PR fixes into security trackers.
Authorapache
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Convert a public upstream PR that contains a security-relevant fix into a dedicated tracker in the security project, enabling formal CVE allocation and coordinated disclosure workflows.
Core Features & Use Cases
- Detects the PR metadata (title, body, author, state) and derives the applicable scope based on changed files.
- Proposes milestone and constructs a complete tracker payload (title, body, labels, and status) before creation.
- Creates the tracker in the tracker repository, applies labels, assigns a milestone, pins to the Assessed board, and surfaces a status rollup for hand-off to CVE allocation.
- Enforces safety rules for public-PR imports, including reporter credit policy and confidentiality considerations.
Quick Start
Import a public upstream PR (URL or number) to convert it into a security tracker ready for CVE allocation.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: import-security-issue-from-pr Download link: https://github.com/apache/airflow-steward/archive/main.zip#import-security-issue-from-pr Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.