vuln-critic

Official

Pre-filter vuln findings to save pentest time.

Authordreadnode
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Security teams and penetration testers waste significant time manually verifying low-quality, false positive vulnerability findings from automated scanners and AI agents. This skill acts as an adversarial pre-filter to triage findings before hands-on testing, eliminating wasted effort on non-issues.

Core Features & Use Cases

  • Evidence Quality Assessment: Evaluates each finding for specificity, evidence chain completeness, and reproducibility to gauge how much trust to place in the report.
  • False Positive Pattern Matching: Auto-rejects known low-value findings like missing security headers without exploitation scenarios or self-XSS that only affects the attacker's own session.
  • Severity Calibration: Re-ranks findings based on actual demonstrated impact rather than agent claims, so teams prioritize real, high-risk vulnerabilities first.
  • Use Case: A red team running a web application pentest can feed all scanner and agent output into this skill to get a prioritized list of only high-confidence findings to test, skipping obvious false positives.

Quick Start

Use the vuln-critic skill to triage and prioritize all findings from your latest web application penetration test.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: vuln-critic
Download link: https://github.com/dreadnode/capabilities/archive/main.zip#vuln-critic

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.