implementing-vulnerability-sla-breach-alerting

Automates alerting for vulnerability remediation SLA breaches, ensuring timely notifications and compliance reporting.

Security score: 78/100

The implementing-vulnerability-sla-breach-alerting skill was audited on Jun 6, 2026 and we found 10 security issues across 3 threat categories. Review the findings below before installing.

Security Issues

medium line 63

Template literal with variable interpolation in command context

Source: SKILL.md
63: ```yaml
medium line 47

Webhook reference - potential data exfiltration

Source: SKILL.md
47: - SMTP server or webhook endpoint (Slack, Microsoft Teams, PagerDuty)
low line 102

Webhook reference - potential data exfiltration

Source: SKILL.md
102: webhook_url: "${SLACK_WEBHOOK_URL}"
low line 198

Webhook reference - potential data exfiltration

Source: SKILL.md
198: def send_slack_alert(webhook_url, vuln_data, sla_status):
low line 215

Webhook reference - potential data exfiltration

Source: SKILL.md
215: requests.post(webhook_url, json=payload, timeout=10)
medium line 304

Webhook reference - potential data exfiltration

Source: SKILL.md
304: - [Slack Incoming Webhooks](https://api.slack.com/messaging/webhooks)
low line 233

External URL reference

Source: SKILL.md
233: "https://events.pagerduty.com/v2/enqueue",
low line 301

External URL reference

Source: SKILL.md
301: - [Vulnerability Management SLAs Guide](https://hostedscan.com/blog/vulnerability-management-slas-guide)
low line 302

External URL reference

Source: SKILL.md
302: - [NIST SP 800-40 Rev 4 - Patch Management](https://csrc.nist.gov/publications/detail/sp/800-40/rev-4/final)
low line 304

External URL reference

Source: SKILL.md
304: - [Slack Incoming Webhooks](https://api.slack.com/messaging/webhooks)
Scanned on Jun 6, 2026