From communitytools
Fetches CVSS risk scores, severity, CWE, and descriptions from NVD for any CVE ID mentioned in conversation. Auto-invoked on CVE-YYYY-NNNNN pattern.
Slash command
/communitytools:cve-risk-score
Fetch and display CVE risk scores from the National Vulnerability Database (NVD) whenever a CVE ID appears in conversation.
This skill MUST be invoked automatically whenever a CVE ID (pattern CVE-YYYY-NNNNN) is mentioned by the user or discovered during research/scanning. Do not wait for explicit invocation.
1. Extract CVE IDs from the user's message or tool output (regex: `CVE-\d{4}-\d{4,}`).
2. Run the lookup script:

   ```bash
   python3 tools/nvd-lookup.py CVE-XXXX-XXXXX [CVE-YYYY-YYYYY ...]
   ```

3. Present the results in a concise table format:

   | CVE ID | Score | Severity | CWE | Description |
   |---|---|---|---|---|
   | CVE-XXXX-XXXXX | 9.8 | CRITICAL | CWE-79 | ... |

4. Continue with the user's original task. The score lookup is supplementary context, not a blocking step.
When presenting CVE risk scores inline, use this compact format:
CVE-2024-12345: 9.8 CRITICAL (CWE-79) — Remote code execution via ...
For multiple CVEs, use a markdown table.
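
The extraction and presentation steps above, as an added example that is not the project's `tools/nvd-lookup.py`: the page's regex is tightened with word boundaries and case folding, and description text is flattened and pipe-escaped so an untrusted description cannot break a table row. The record keys, the helper names and all sample values are assumptions constructed for this example.

```python
import re

# The skill's pattern CVE-\d{4}-\d{4,}; the word boundaries and the
# case-insensitive flag are additions made for this example.
CVE_RE = re.compile(r"\bCVE-(\d{4})-(\d{4,})\b", re.IGNORECASE)
FIELDS = ("id", "score", "severity", "cwe", "description")  # assumed record keys
SEP = " \u2014 "  # separator used in the page's compact format

def extract_cve_ids(text):
    """Return unique, upper-cased CVE IDs in order of first appearance."""
    seen, ids = set(), []
    for m in CVE_RE.finditer(text):
        cve = f"CVE-{m.group(1)}-{m.group(2)}"
        if cve not in seen:
            seen.add(cve)
            ids.append(cve)
    return ids

def cell(value, limit=80):
    """Flatten an untrusted field so it cannot break a markdown table row."""
    s = " ".join(str(value).split())      # newlines and tabs become spaces
    if len(s) > limit:
        s = s[: limit - 3] + "..."
    return s.replace("|", "\\|")          # escape after truncating

def render(records):
    """Compact line for one record, markdown table for several."""
    if len(records) == 1:
        r = records[0]
        return (f"{r['id']}: {r['score']} {r['severity']} ({r['cwe']})"
                f"{SEP}{cell(r['description'])}")
    rows = ["| CVE ID | Score | Severity | CWE | Description |",
            "|---|---|---|---|---|"]
    for r in records:
        rows.append("| " + " | ".join(cell(r[k]) for k in FIELDS) + " |")
    return "\n".join(rows)

# Constructed input: mixed case, a duplicate, and an ID with too few digits.
SAMPLE_TEXT = ("Scanner flagged cve-2024-12345 and CVE-2024-12345 again; "
               "CVE-2023-123 is malformed, CVE-2023-0001234 is well-formed.")
# Constructed records standing in for whatever the lookup returns.
SAMPLE_RECORDS = [
    {"id": "CVE-2024-12345", "score": 9.8, "severity": "CRITICAL",
     "cwe": "CWE-79", "description": "Constructed text with a | pipe\nand a newline"},
    {"id": "CVE-2023-0001234", "score": 5.3, "severity": "MEDIUM",
     "cwe": "CWE-200", "description": "Constructed second entry"},
]

if __name__ == "__main__":
    print(extract_cve_ids(SAMPLE_TEXT))
    print(render(SAMPLE_RECORDS))
```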
NVD_API_KEY is set in .env; the script uses it for higher rate limits.
This skill complements other skills:
npx claudepluginhub transilienceai/communitytools
Calculates and interprets CVSS scores for vulnerability prioritization, covering CVSS v4.0 metrics, vector strings, and contextual factors like EPSS and CISA KEV.
Researches CVE IDs via NVD API, generates standalone Python PoC scripts, and produces detailed vulnerability reports.