From syncable-cli-skills
Scans project dependencies for known CVEs across npm, pip, cargo, Go, and Java ecosystems. Reports vulnerable packages with severity, affected versions, and fixes.
Slash command
`/syncable-cli-skills:syncable-vulnerabilities`
Scan project dependencies for known CVEs across npm, pip, cargo, go, and java ecosystems. Returns vulnerable packages with severity, affected versions, and available fixes.
| Flag | Purpose |
|---|---|
| `--agent` | Compressed output (always use) |
| `--severity {low\|medium\|high\|critical}` | Minimum severity threshold |
| `--output <FILE>` | Write report to file |

```
sync-ctl vulnerabilities <PATH> --agent
```
Success criteria: JSON output with summary containing severity counts.
Priority: critical/high CVEs with fixes (actionable) > critical/high without fixes (risk flag) > medium/low (mention count only, don't enumerate unless asked).
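The priority order above, as an added example (not code from syncable-cli): it triages a constructed JSON report into actionable, risk-flag and count-only groups. The field names (`summary`, `findings`, `severity`, `fixed_version`, `package`, `id`) are assumptions, since the page does not show the report schema.

```python
import json

# Constructed sample report. The field names are assumptions for
# illustration, not the documented sync-ctl output schema, and the
# CVE ids are placeholders.
SAMPLE = json.loads("""
{
  "summary": {"critical": 2, "high": 2, "medium": 4, "low": 7},
  "findings": [
    {"id": "CVE-EXAMPLE-0001", "package": "pkg-a", "severity": "high", "fixed_version": "2.1.4"},
    {"id": "CVE-EXAMPLE-0002", "package": "pkg-b", "severity": "critical", "fixed_version": null},
    {"id": "CVE-EXAMPLE-0003", "package": "pkg-c", "severity": "critical", "fixed_version": "1.0.9"},
    {"id": "CVE-EXAMPLE-0004", "package": "pkg-d", "severity": "high", "fixed_version": null}
  ]
}
""")

RANK = {"critical": 0, "high": 1}

def triage(report):
    """Split a report into actionable, risk-flag and count-only buckets."""
    urgent = [f for f in report.get("findings", [])
              if f.get("severity", "").lower() in RANK]
    # Critical before high; the sort is stable, so report order is kept within a level.
    urgent.sort(key=lambda f: RANK[f["severity"].lower()])
    actionable = [f for f in urgent if f.get("fixed_version")]
    risk_flags = [f for f in urgent if not f.get("fixed_version")]
    summary = report.get("summary", {})
    # Medium/low are reported as counts only, never enumerated here.
    counts = {lvl: int(summary.get(lvl, 0)) for lvl in ("medium", "low")}
    return actionable, risk_flags, counts

def render(report):
    """Return the triage result as lines, highest priority first."""
    actionable, risk_flags, counts = triage(report)
    lines = [f"FIX   {f['severity']:<8} {f['package']} {f['id']} -> upgrade to {f['fixed_version']}"
             for f in actionable]
    lines += [f"RISK  {f['severity']:<8} {f['package']} {f['id']} (no fix available)"
              for f in risk_flags]
    lines.append(f"medium: {counts['medium']}, low: {counts['low']} (counts only)")
    return lines

if __name__ == "__main__":
    print("\n".join(render(SAMPLE)))
```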
Compressed output includes critical + first 10 high findings. Medium/low are counts only:
```
sync-ctl retrieve <ref_id> --query "severity:medium"
sync-ctl retrieve <ref_id> --query "severity:low"
sync-ctl retrieve <ref_id> --query "file:services/api"
```
Results paginated (default 20). Use --limit N --offset M for more.
Available queries: severity:<level>, file:<path>
| Error | Action |
|---|---|
| tool not found / scanner missing | Run `sync-ctl tools install --yes`, then retry |
| No dependencies found | Run `sync-ctl analyze <PATH> --agent` first to verify dependencies exist |
| Timeout on large dep tree | Try scanning specific subdirectories |
npx claudepluginhub syncable-dev/syncable-cli --plugin syncable-cli-skills