Skills

patch-advisor

Installation
SKILL.md

Patch Advisor

This skill delegates to Project CodeGuard for remediation patterns. Every CodeGuard rule includes an "Implementation Checklist" and concrete before→after code; this skill is the CWE→rule→fix lookup.

Upstream: https://github.com/cosai-oasis/project-codeguard/tree/main/skills/software-security

Dispatch (CWE → CodeGuard rule → fix section)

CWE CodeGuard rule Fix pattern
89 codeguard-0-input-validation-injection PreparedStatement / parameterized query examples
78 codeguard-0-input-validation-injection ProcessBuilder / structured-exec + arg allow-list
79 codeguard-0-client-side-web-security Context-aware encoding, DOMPurify, Trusted Types
502 codeguard-0-xml-and-serialization yaml.safe_load, ObjectInputStream allow-list, TypeNameHandling=None
611 codeguard-0-xml-and-serialization disallow-doctype-decl, DtdProcessing.Prohibit, defusedxml
22 codeguard-0-file-handling-and-uploads Canonicalize-then-prefix-check; value allow-list
798 codeguard-1-hardcoded-credentials KMS/vault extraction; env injection at runtime
327 codeguard-1-crypto-algorithms Algorithm substitution table (MD5→SHA-256, AES-ECB→AES-GCM)
862 codeguard-0-authorization-access-control User-scoped query; middleware enforce; DTO allow-list
Installs
1
Repository
santosomar/gene…t-skills
GitHub Stars
1
First Seen
Mar 29, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykPass
patch-advisor — santosomar/general-secure-coding-agent-skills