How does it align with industry security standards?

The patterns are mapped directly to the OWASP Top 10 2021 categories, covering Injection, Access Control, Security Misconfiguration, and more.

Which programming languages are supported?

It supports common languages including JavaScript, TypeScript, Python, Go, Java, Ruby, and PHP, along with universal patterns for config files and Docker.

Does this skill perform the actual scanning?

This skill acts as an index; for actual scanning, Claude uses it to route to specialized sub-skills like vuln-patterns-core or vuln-patterns-languages.

What is the Vulnerability Patterns skill used for?

It serves as a central hub to help Claude find and use specific security detection patterns for universal risks or language-specific vulnerabilities.

Vulnerability Patterns Index

Name: Vulnerability Patterns Index
Author: Zate

byZate

安全与测试

Provides a centralized index for routing Claude to universal and language-specific security vulnerability detection patterns.

关于

This skill acts as a comprehensive directory for security scanning within Claude Code, directing the AI to the most relevant detection patterns for identifying code risks. It categorizes vulnerabilities into core universal patterns—such as hardcoded secrets and command injection—and language-specific patterns for ecosystems like JavaScript, Python, Go, and Java. By mapping these patterns to OWASP Top 10 standards, it enables precise security audits, configuration checks, and automated scanning workflows tailored to the specific technology stack being analyzed.

主要功能

Modular routing to universal and language-specific detection patterns
Language-specific signatures for JS, Python, Go, Java, Ruby, and PHP
0 GitHub stars
Detection of hardcoded secrets, API keys, and configuration leaks
Comprehensive mapping to OWASP Top 10 vulnerability categories
Guidance for security hook integration and false positive mitigation

使用场景

Identifying the correct specialized skill for targeted security reviews
Conducting high-level codebase audits for universal security flaws
Mapping project vulnerabilities to the OWASP risk framework

关于

主要功能

Modular routing to universal and language-specific detection patterns
Language-specific signatures for JS, Python, Go, Java, Ruby, and PHP
0 GitHub stars
Detection of hardcoded secrets, API keys, and configuration leaks
Comprehensive mapping to OWASP Top 10 vulnerability categories
Guidance for security hook integration and false positive mitigation

使用场景

Identifying the correct specialized skill for targeted security reviews
Conducting high-level codebase audits for universal security flaws
Mapping project vulnerabilities to the OWASP risk framework