Skills

vulnerability-pattern-matcher

Installation
SKILL.md

Vulnerability Pattern Matcher

This skill delegates to Project CodeGuard for its pattern catalog. Where static-vulnerability-detector traces data flow, this skill does lexical/syntactic matching against CodeGuard's ban-lists — faster, higher recall, more false positives.

Upstream: https://github.com/cosai-oasis/project-codeguard/tree/main/skills/software-security

Dispatch

Pattern class CodeGuard rule
Banned C/C++ functions (strcpy, gets, sprintf, …) codeguard-0-safe-c-functions
Weak crypto (MD5, SHA-1, DES, ECB, static IV) codeguard-1-crypto-algorithms, codeguard-0-additional-cryptography
Hardcoded secrets (key prefixes, entropy, connection strings) codeguard-1-hardcoded-credentials
Certificate handling (PEM blocks, weak sigs) codeguard-1-digital-certificates
Deprecated OpenSSL/SSL APIs codeguard-1-crypto-algorithms §"Deprecated SSL/Crypto APIs"

Workflow

Installs
1
Repository
santosomar/gene…t-skills
GitHub Stars
1
First Seen
Mar 29, 2026
Security Audits
Gen Agent Trust HubPass
SocketPass
SnykFail
vulnerability-pattern-matcher — santosomar/general-secure-coding-agent-skills