vulnerability-validation
Vulnerability Validation
Validate security findings by assessing whether they are actually exploitable in the context of this codebase. This skill filters false positives, confirms real vulnerabilities, and generates proof-of-concept exploits.
When to Use This Skill
- After commit-security-scan - Validate findings before creating issues or blocking PRs
- HIGH/CRITICAL findings - Prioritize validation of severe findings
- Before patching - Confirm vulnerability is real before investing in fixes
- Security review - Deep-dive validation of specific findings
Prerequisites
- .factory/threat-model.md must exist (from threat-model-generation skill)
- security-findings.json must exist (from commit-security-scan skill)
Inputs
| Input | Description | Required | Default |