技能详情(站内镜像,无评论)
作者:Muhammad Mazhar Saeed @0x-professor
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v0.1.0
统计:⭐ 0 · 314 · 2 current installs · 2 all-time installs
⭐ 0
安装量(当前) 2
🛡 VirusTotal :可疑 · OpenClaw :良性
Package:0x-professor/cyber-kev-triage
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :良性
OpenClaw 评估
The skill is internally consistent: it locally scores and ranks CVEs from a supplied JSON input and writes a triage artifact, with no network calls, credential requests, or surprising install steps.
目的
Name/description (KEV-style triage) matches the provided artifacts: a scoring method, guidance doc, and a Python script that ingests vulnerabilities/assets and produces prioritized output. No unrelated credentials, binaries, or resources are requested.
说明范围
SKILL.md instructs the agent to run the bundled script and read the included triage-method. The script only reads the provided input file, maps assets, computes scores, and writes an output artifact; it does not access other system paths, environment variables, or external endpoints. Guardrails in SKILL.md (no exploit payload generation) align with the code.
安装机制
Instruction-only skill with no install spec. The only executable is a bundled Python script; there are no downloads or external packages installed by the skill.
证书
No required environment variables, credentials, or config paths are declared or used. The script accepts an input file path and an output path only, which is proportionate to the triage function.
持久
The skill is not marked always:true and does not modify other skills or system-wide settings. It runs on demand and does not request elevated persistence.
综合结论
This skill looks coherent and runs locally on a provided JSON payload; it does not request keys or make network calls. Before use: (1) review the script yourself (it's short and readable) and run it in a controlled environment, (2) ensure input JSON is from a trusted source (it may contain sensitive asset data), (3) choose safe output paths to avoid overwriting important files, and (4) confirm the scoring thresholds and criticality mappings ma…
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「Cyber Kev Triage」。简介:Prioritize vulnerability remediation using KEV-style exploitation context plus …。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/0x-professor/cyber-kev-triage/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: cyber-kev-triage
description: Prioritize vulnerability remediation using KEV-style exploitation context plus asset criticality. Use for CVE triage, patch order decisions, and remediation reporting.
---
# Cyber KEV Triage
## Overview
Create a patch-priority plan by combining vulnerability severity, exploitation status, and business criticality of affected assets.
## Workflow
1. Collect vulnerabilities with CVE, CVSS, exploitation indicator, and affected asset.
2. Map each vulnerability to asset criticality.
3. Score and rank vulnerabilities into patch priority tiers.
4. Produce concise remediation summary and due-window guidance.
## Use Bundled Resources
- Run `scripts/kev_triage.py` for deterministic triage output.
- Read `references/triage-method.md` for scoring rationale and review checks.
## Guardrails
- Keep output defensive and remediation-focused.
- Do not generate exploit payloads or offensive execution steps.