sans25
SANS/CWE Top 25 Dispatcher
Analyze scoped code directly against the SANS/CWE Top 25 Most Dangerous Software Weaknesses (2024). Unlike the OWASP and STRIDE dispatchers, this skill does NOT dispatch individual subagents per category. Instead it reads the full framework reference, determines which CWEs are relevant to the scoped code based on languages and patterns, checks each applicable CWE directly, groups findings by CWE category, and cross-references with OWASP and STRIDE mappings.
Supported Flags
Read ../../shared/schemas/flags.md for the full flag specification. This dispatcher supports all cross-cutting flags.