Which CVEs does this skill specifically address?

The skill is designed to remediate CVE-1 (vulnerable dependencies), CVE-2 (weak password hashing), and CVE-3 (hardcoded credentials) within the claude-flow ecosystem.

How does it handle input validation?

It uses Zod to create strict schemas that validate data types, lengths, and formats before processing, preventing common injection attacks.

Is it safe to use for executing shell commands?

The skill promotes the use of execFile with shell: false, which prevents shell interpretation of user input and effectively eliminates shell injection risks.

Does this skill provide automated security testing?

Yes, it implements the TDD London School security framework to ensure security-critical code achieves over 95% test coverage.

Can it prevent path traversal attacks?

Yes, it includes specialized path sanitization patterns that resolve and validate paths against allowed directory prefixes to block unauthorized file access.

V3 Security Overhaul

Name: V3 Security Overhaul
Author: ellisapotheosis

byellisapotheosis

0•

安全与测试

Automates the remediation of critical vulnerabilities and implements secure-by-default patterns for claude-flow v3 architectures.

The V3 Security Overhaul skill is a specialized tool for developers securing claude-flow v3 environments against modern attack vectors. It orchestrates a comprehensive security audit and remediation process, specifically targeting critical CVEs related to dependency management, weak hashing, and hardcoded credentials. By establishing security-first development practices—including Zod-based input validation, path sanitization, and safe command execution—it ensures that AI-driven workflows are resilient and compliant. It is particularly useful when upgrading legacy systems or preparing production-ready AI agents that require high-integrity security boundaries and robust test coverage.

主要功能

01Safe command execution patterns to mitigate shell injection risks

020 GitHub stars

03Implementation of bcrypt hashing for secure credential management

04Secure path resolution to prevent directory traversal attacks

05Automated remediation for CVE-1, CVE-2, and CVE-3 vulnerabilities

06Zod-based schema validation for rigorous input sanitization

使用场景

01Patching critical security vulnerabilities and outdated dependencies in AI workflows

02Migrating legacy claude-flow implementations to a secure-by-default v3 architecture

03Enforcing TDD security frameworks for high-compliance software development

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add ellisapotheosis/project-nyra v3-security-overhaul

For use in Claude.ai and ChatGPT

Download Skill