vuln-critic
OfficialPre-filter vuln findings to save pentest time.
Software Engineering#penetration testing#web security#red teaming#vulnerability triage#severity calibration#false positive filtering
Authordreadnode
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Security teams and penetration testers waste significant time manually verifying low-quality, false positive vulnerability findings from automated scanners and AI agents. This skill acts as an adversarial pre-filter to triage findings before hands-on testing, eliminating wasted effort on non-issues.
Core Features & Use Cases
- Evidence Quality Assessment: Evaluates each finding for specificity, evidence chain completeness, and reproducibility to gauge how much trust to place in the report.
- False Positive Pattern Matching: Auto-rejects known low-value findings like missing security headers without exploitation scenarios or self-XSS that only affects the attacker's own session.
- Severity Calibration: Re-ranks findings based on actual demonstrated impact rather than agent claims, so teams prioritize real, high-risk vulnerabilities first.
- Use Case: A red team running a web application pentest can feed all scanner and agent output into this skill to get a prioritized list of only high-confidence findings to test, skipping obvious false positives.
Quick Start
Use the vuln-critic skill to triage and prioritize all findings from your latest web application penetration test.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: vuln-critic Download link: https://github.com/dreadnode/capabilities/archive/main.zip#vuln-critic Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.