Stats
Actions
Tags
From vulncheck-cli
Use the VulnCheck CLI to query vulnerability and exploit intelligence. Invoke when the user asks about listing or querying VulnCheck indices, security advisories, vendor advisories, CVE lookups, downloading index backups, known exploited vulnerabilities, KEV, CISA KEV, NVD, package security, PURL lookups (npm, pypi, maven, cargo, golang, nuget), CPE lookups, scanning a project or directory for vulnerable dependencies, exploits, Initial Access Intelligence, detection rules (Snort, Suricata), IP intelligence, C2 infrastructure, botnet tracking, protective DNS, or offline vulnerability scanning.
How this skill is triggered — by the user, by Claude, or both
Slash command
/vulncheck-cli:vulncheck-cliThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
> **Binary is `vulncheck`** — not `vulncheck-cli`, not `vci`. No `||` fallbacks, no `echo` error strings. Run commands directly. VulnCheck is a standalone CLI — it does not require a project directory.
Binary is
vulncheck— notvulncheck-cli, notvci. No||fallbacks, noechoerror strings. Run commands directly. VulnCheck is a standalone CLI — it does not require a project directory.
If not authenticated, run vulncheck auth login before proceeding.
vulncheck auth status # check current auth state
vulncheck auth login # log in (requires TTY)
vulncheck auth logout # log out
VulnCheck has 490+ named indices — vendor advisories, CVE feeds, exploit data, KEV lists, and more.
List all available indices (use only when discovering index names — if you already know the index name, query it directly):
vulncheck indices list --json # plain JSON array of {name, description, href}
vulncheck indices list --json | jq '.[].name' # all names
vulncheck indices list --json | jq '.[] | select(.name | contains("nvd"))' # filter
vulncheck indices browse # interactive (requires TTY)
Query an index (returns a plain JSON array, no --json flag needed):
vulncheck index list <index-name>
vulncheck index list <index-name> --cve CVE-2021-44228
vulncheck index list <index-name> --limit 10 --sort date_added
vulncheck index list <index-name> --pubStartDate 2024-01-01 --pubEndDate 2024-06-30
vulncheck index list <index-name> --cursor <value> # next page
vulncheck index list <index-name> --page 2 # page-based pagination
vulncheck index browse <index-name> # interactive (requires TTY)
Pipe to jq for filtering, e.g. | jq '.[0]' for the first record. For 30+ additional flags (CIDR, ASN, threat actor, ransomware, MITRE ID, etc.) run vulncheck index list --help.
Common indices:
| Index | Contents |
|---|---|
vulncheck-nvd2 | NVD CVE data enriched by VulnCheck |
vulncheck-kev | VulnCheck Known Exploited Vulnerabilities |
cisa-kev | CISA KEV catalog |
initial-access | Initial Access Intelligence (exploits, PoCs) |
ipintel-3d / ipintel-10d / ipintel-30d / ipintel-90d | IP Intelligence (by timeframe) |
Download a backup:
vulncheck backup download requires a TTY and will fail in this environment. Use the signed URL instead:
# Get the URL (default — always extract .url so the user can copy-paste it)
vulncheck backup url <index-name> --json | jq -r '.url'
# Download directly
vulncheck backup url <index-name> --json | jq -r '.url' | xargs curl -OL
Always run the jq -r '.url' form — never dump the raw JSON. The user needs a plain URL they can use.
vulncheck version # show current version, build date, and changelog URL
vulncheck upgrade # upgrade the CLI to the latest release
| Task | Reference |
|---|---|
| PURL and CPE package lookups | references/purl-cpe.md |
| Scan a project directory for vulnerable dependencies | references/scanning.md |
| Air-gapped / offline scanning and lookups | references/offline.md |
| IP intelligence, C2 infrastructure, protective DNS | references/ip-intelligence.md |
| Detection rules, Snort/Suricata, Initial Access Intelligence | references/initial-access.md |
| API token management | references/token.md |
Creates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.
npx claudepluginhub vulncheck-oss/agent-tools --plugin vulncheck-cli