Can it handle multiple vulnerability findings at once?

Yes, it can process multiple findings by creating separate, consistently formatted patches for each occurrence to ensure clean version control history.

How does it ensure the fixes don't break existing functionality?

The skill follows core principles of minimal changes and backward compatibility, ensuring API contracts are maintained and providing testing guidance for regression verification.

Which programming languages are supported?

The skill includes specific expertise and library recommendations for Python, JavaScript/TypeScript, and Go, though it can apply general secure coding principles to most languages.

Does the skill provide patches in a standard format?

Yes, it generates patches in the unified diff format, making them fully compatible with 'git apply' and standard code review workflows.

What types of vulnerabilities can this skill fix?

It can remediate a wide range of common security issues including SQL injection, Cross-Site Scripting (XSS), Path Traversal, CSRF, hardcoded secrets, and weak cryptography.

Security Fixer

Name: Security Fixer
Author: jpoley

byjpoley

•

Security & Testing

Generates production-grade security patches and remediates vulnerabilities like SQL injection, XSS, and hardcoded secrets using secure coding patterns.

About

The Security Fixer skill empowers Claude to act as an expert security engineer, automating the remediation of critical vulnerabilities while maintaining code integrity. It specializes in generating minimal, backward-compatible unified diff patches that adhere to defense-in-depth principles. By utilizing framework-specific secure patterns and industry-standard libraries, it ensures that codebases are protected against common threats like SQL injection, cross-site scripting (XSS), and insecure deserialization without introducing regressions or leaking sensitive information in error logs.

Key Features

Upgrading weak cryptographic algorithms to modern, high-entropy standards
Automated generation of unified diff patches for seamless Git integration
5 GitHub stars
Remediation of OWASP Top 10 vulnerabilities including SQLi, XSS, and CSRF
Secure replacement of hardcoded secrets with environment variable patterns
Language-specific security pattern implementation for Python, JavaScript, and Go

Use Cases

Generating verified security patches during rapid incident response cycles
Remediating security findings from SAST/DAST tools or bug bounty reports
Refactoring legacy code to use modern, secure framework-specific APIs

About

Key Features

Upgrading weak cryptographic algorithms to modern, high-entropy standards
Automated generation of unified diff patches for seamless Git integration
5 GitHub stars
Remediation of OWASP Top 10 vulnerabilities including SQLi, XSS, and CSRF
Secure replacement of hardcoded secrets with environment variable patterns
Language-specific security pattern implementation for Python, JavaScript, and Go

Use Cases

Generating verified security patches during rapid incident response cycles
Remediating security findings from SAST/DAST tools or bug bounty reports
Refactoring legacy code to use modern, secure framework-specific APIs