security-advisory-response

Facilitates coordinated responses to GitHub Security Advisories, ensuring confidential triage and patching processes.

Security score: 45/100

The security-advisory-response skill was audited on Jun 2, 2026 and we found 5 security issues across 1 threat category, including 3 high-severity. Review the findings below before installing.

Security Issues

medium line 29

Template literal with variable interpolation in command context

Source: SKILL.md
29: ```bash
medium line 65

Template literal with variable interpolation in command context

Source: SKILL.md
65: ```bash
high line 115

Template literal with variable interpolation in command context

Source: SKILL.md
115: 1. **Update advisory metadata**: patched version range, credits, CVSS vector. `gh api -X PATCH "repos/${REPO}/security-advisories/${GHSA}" -f severity=high -f patched_versions=">=X.Y.Z"`
high line 116

Template literal with variable interpolation in command context

Source: SKILL.md
116: 2. **Publish advisory** — this auto-merges the private fork into the default branch and triggers CVE assignment: `gh api -X POST "repos/${REPO}/security-advisories/${GHSA}/publish"`
high line 124

Template literal with variable interpolation in command context

Source: SKILL.md
124: - **CVE verification**: CVE propagation may take hours-to-days. Check `gh api "repos/${REPO}/security-advisories/${GHSA}" --jq .cve_id` until populated
Scanned on Jun 2, 2026