How does the skill ensure the security fix is correct?

The skill cross-references the finding with authoritative sources like official framework documentation and OWASP cheat sheets before applying a minimal, contextual fix to your code.

What types of vulnerabilities can this skill fix?

It handles a wide range of issues including SQL injection, Cross-Site Scripting (XSS), CSRF, SSRF, path traversal, command injection, and authentication flaws.

Which AI agents are compatible with this skill?

This skill is compatible with Claude Code, Cursor, Windsurf, Cline, and Aider.

Will it change my existing coding style?

No, the skill gathers codebase context first to ensure that any proposed fixes match your existing utilities, decorators, and framework-specific idioms.

Does it support both GitHub and GitLab?

Yes, it is specifically designed to parse comments and findings from both GitHub Pull Requests and GitLab Merge Requests.

DryRun Security Remediation

Name: DryRun Security Remediation
Author: DryRunSecurity

byDryRunSecurity

0•

Security & Testing

Remediates security vulnerabilities identified by DryRunSecurity by applying context-aware fixes grounded in authoritative documentation.

The DryRun Security Remediation skill streamlines the DevSecOps workflow by enabling AI coding agents to intelligently resolve security vulnerabilities such as SQL injection, XSS, and authentication flaws. By parsing findings directly from GitHub PR or GitLab MR comments, the skill researches official framework documentation and OWASP standards to propose minimal, contextual fixes. It ensures that security patches are not only accurate but also align with the existing patterns of your codebase, providing clear explanations and verification steps for every change.

Key Features

01Remediation of SQLi, CSRF, SSRF, and authentication flaws

02Real-time research of authoritative sources like OWASP and official docs

03Detailed vulnerability explanations and post-fix verification steps

04Automated parsing of DryRunSecurity findings from PR/MR comments

05Deep codebase context gathering for framework-idiomatic fixes

060 GitHub stars

Use Cases

01Patching legacy codebases against modern OWASP Top 10 vulnerabilities

02Resolving security findings flagged during automated GitHub or GitLab code reviews

03Ensuring secure coding patterns are maintained across multi-framework repositories

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dryrunsecurity/external-plugin-marketplace remediation

For use in Claude.ai and ChatGPT

Key Features

01Remediation of SQLi, CSRF, SSRF, and authentication flaws

02Real-time research of authoritative sources like OWASP and official docs

03Detailed vulnerability explanations and post-fix verification steps

04Automated parsing of DryRunSecurity findings from PR/MR comments

05Deep codebase context gathering for framework-idiomatic fixes

060 GitHub stars

Use Cases

01Patching legacy codebases against modern OWASP Top 10 vulnerabilities

02Resolving security findings flagged during automated GitHub or GitLab code reviews

03Ensuring secure coding patterns are maintained across multi-framework repositories

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dryrunsecurity/external-plugin-marketplace remediation

For use in Claude.ai and ChatGPT