name: Java CWE Security Skills Collection
description: 53 AI-ready security remediation guides for Java vulnerabilities

Java CWE Security Skills Collection

Use this skill when fixing Java security vulnerabilities, remediating SAST findings, or resolving CWE issues.

Quick Install

npx skills add DevelopersCoffee/java-cwe-security-skills --all

What is Included

53 deterministic remediation patterns for CWEs in Java.

Skills by Category

Critical - Injection

  • CWE-89: SQL Injection
  • CWE-79: Cross-Site Scripting
  • CWE-78: OS Command Injection
  • CWE-94: Code Injection

Critical - Authentication

  • CWE-287: Improper Authentication
  • CWE-306: Missing Authentication
  • CWE-284: Improper Access Control

High - Cryptography

  • CWE-327: Broken Crypto Algorithm
  • CWE-328: Weak Hash
  • CWE-330: Insufficient Randomness

High - Data Exposure

  • CWE-200: Information Exposure
  • CWE-209: Error Message Exposure
  • CWE-532: Log Injection

Medium - Input Validation

  • CWE-22: Path Traversal
  • CWE-611: XXE Injection
  • CWE-502: Insecure Deserialization

Medium - Resource Management

  • CWE-400: Resource Exhaustion
  • CWE-770: Resource Allocation Limits

Repository

https://github.com/DevelopersCoffee/java-cwe-security-skills

License: MIT