Stats
Actions
Available In
Tags
Plugin
find-cve-agent
Automates end-to-end CVE discovery in open source packages: finds under-audited targets, scans code for 20+ vulnerability classes like injection, auth bypass, and DoS, builds proof-of-concept exploits, validates findings through multi-gate verification, and generates professional disclosure reports for submission channels.
What's Inside
Slash Commands7
check-nvd
/check-nvd
Query NVD and OSV.dev for existing CVEs. Usage: /check-nvd <package-name>. Shows CVE count, severity breakdown, and recent fixes.
cross-pollinate
/cross-pollinate
Take a confirmed vulnerability pattern and find the same bug in similar packages. Usage: /cross-pollinate (run after confirming a finding).
fp-check
/fp-check
Run the 6-gate false positive elimination process on the current finding. Usage: /fp-check (run from a target directory with findings).
hunt
/hunt
Full CVE hunting pipeline. Usage: /hunt <package-name>. Orchestrates all agents: registry check, clone, code review, PoC build, validation, and report generation.
recon
/recon
Find targets in a category. Usage: /recon <category>. Examples: /recon csv-parsers, /recon template-engines, /recon archive-libs.
Agents5
exploiter
/exploiter
PoC builder and exploit chainer. Takes Hunter findings and builds working proof-of-concept exploits. Always seeks to escalate impact through vulnerability chaining.
hunter
/hunter
Code review specialist. Performs deep source code analysis to find security vulnerabilities by tracing data flows from untrusted input sources to dangerous sinks.
recon
/recon
Target discovery agent. Finds promising open source packages for security review by analyzing npm/PyPI/GitHub registries, download counts, and attack surfaces.
registry
/registry
Research tracking agent. Maintains REGISTRY.md as the single source of truth. Prevents duplicate work, records all outcomes, and answers status queries from other agents.
validator
/validator
False positive elimination specialist. Runs 6-gate verification process on every finding. Only CONFIRMED findings proceed to submission. Fail 3x = FALSE POSITIVE, no exceptions.
Skills21
advisory-mining
/advisory-mining
Mine GitHub Security Advisories and CVE databases for incomplete fixes, finding variant vulnerabilities in patched code or similar patterns in related packages.
auth-bypass
/auth-bypass
Detect authentication and authorization bypass vulnerabilities including missing auth middleware, JWT algorithm confusion, IDOR, and session fixation.
code-injection-codegen
/code-injection-codegen
Detect code injection vulnerabilities in packages that dynamically generate or evaluate code via new Function(), eval(), vm.run*, or template literal interpolation.
command-injection
/command-injection
Detect OS command injection via shell execution sinks where user-controlled input reaches system commands without proper sanitization.
cross-pollination
/cross-pollination
Cross-pollination multiplier technique: find a vulnerability in one package, then search for the same pattern across all similar packages to multiply findings.
Stats
Version1.0.0
LanguageJavaScript
Stars29
Forks5
MaintenanceGood
LicenseApache-2.0
Last Commit
Added
Safety Signals
Caution
Executes bash commands
Hook triggers when Bash tool is used
Modifies files
Hook triggers on file write and edit operations
