Which CVEs does this skill specifically address?

The skill is designed to remediate CVE-1 (vulnerable dependencies), CVE-2 (weak password hashing), and CVE-3 (hardcoded credentials) within the claude-flow ecosystem.

How does it handle input validation?

It uses Zod to create strict schemas that validate data types, lengths, and formats before processing, preventing common injection attacks.

Is it safe to use for executing shell commands?

The skill promotes the use of execFile with shell: false, which prevents shell interpretation of user input and effectively eliminates shell injection risks.

Does this skill provide automated security testing?

Yes, it implements the TDD London School security framework to ensure security-critical code achieves over 95% test coverage.

Can it prevent path traversal attacks?

Yes, it includes specialized path sanitization patterns that resolve and validate paths against allowed directory prefixes to block unauthorized file access.

V3 Security Overhaul

Name: V3 Security Overhaul
Author: ellisapotheosis

byellisapotheosis

安全与测试

Automates the remediation of critical vulnerabilities and implements secure-by-default patterns for claude-flow v3 architectures.

关于

The V3 Security Overhaul skill is a specialized tool for developers securing claude-flow v3 environments against modern attack vectors. It orchestrates a comprehensive security audit and remediation process, specifically targeting critical CVEs related to dependency management, weak hashing, and hardcoded credentials. By establishing security-first development practices—including Zod-based input validation, path sanitization, and safe command execution—it ensures that AI-driven workflows are resilient and compliant. It is particularly useful when upgrading legacy systems or preparing production-ready AI agents that require high-integrity security boundaries and robust test coverage.

主要功能

Safe command execution patterns to mitigate shell injection risks
0 GitHub stars
Implementation of bcrypt hashing for secure credential management
Secure path resolution to prevent directory traversal attacks
Automated remediation for CVE-1, CVE-2, and CVE-3 vulnerabilities
Zod-based schema validation for rigorous input sanitization

使用场景

Patching critical security vulnerabilities and outdated dependencies in AI workflows
Migrating legacy claude-flow implementations to a secure-by-default v3 architecture
Enforcing TDD security frameworks for high-compliance software development

关于

主要功能

Safe command execution patterns to mitigate shell injection risks
0 GitHub stars
Implementation of bcrypt hashing for secure credential management
Secure path resolution to prevent directory traversal attacks
Automated remediation for CVE-1, CVE-2, and CVE-3 vulnerabilities
Zod-based schema validation for rigorous input sanitization

使用场景

Patching critical security vulnerabilities and outdated dependencies in AI workflows
Migrating legacy claude-flow implementations to a secure-by-default v3 architecture
Enforcing TDD security frameworks for high-compliance software development