14 boosters for "vulnerability" — open source, verified from GitHub, ready to install
A specialized security expert agent that performs threat modeling, vulnerability assessment, and secure code review to help developers build secure applications and cloud infrastructure. Ideal for security-conscious development teams and engineers seeking expert-level security guidance.
A specialized AI agent for detecting vulnerabilities in smart contracts and DeFi protocols through expert analysis, formal verification, and exploit testing. Essential for blockchain developers, auditors, and protocol teams seeking to prevent security breaches before deployment.
A Claude Code plugin marketplace from Trail of Bits providing skills to enhance AI-assisted security analysis, testing, and development workflows. Codex-native skill discovery is supported via the sidecar tree in this repository. See [](.codex/INSTALL.md) for additional details.
CypherFix is an AI agent framework that automates vulnerability detection, triage, and code remediation by analyzing attack surfaces and automatically generating pull request fixes. Security teams and developers benefit from reduced manual pentesting overhead and faster vulnerability remediation cycles.
Automated security scanning for dependencies, code, containers with Trivy, Snyk, npm audit. Use for CI/CD security gates, pre-deployment audits, compliance requirements, or encountering CVE detection, outdated packages, license compliance, SBOM generation errors.
Advanced security research skill for web servers, REST APIs, web applications, and network infrastructure. Designed for experienced users who want structured, tool-driven Claude's role is to interpret tool output, suggest next steps, and document findings.
A web vulnerability assessment skill for CTF challenges that automates reconnaissance and exploit development against target URLs. Useful for security practitioners and CTF competitors looking to systematically identify and exploit web vulnerabilities.
Automates configuration of container image registries (ghcr.io, Docker Hub, Harbor) with vulnerability scanning, image signing, and retention policies for secure CI/CD pipelines. Essential for DevOps engineers and platform teams managing containerized applications at scale.
An expert agent for penetration testing and vulnerability assessment that helps security professionals conduct authorized red team operations and identify security weaknesses. Ideal for security engineers, penetration testers, and organizations needing structured ethical hacking guidance.
A cybersecurity specialist agent that performs security assessments, vulnerability analysis, and compliance auditing across applications and infrastructure. Developers, security teams, and DevOps engineers benefit from automated security reviews and threat identification.
An MCP server that integrates European Vulnerability Database (EUVD) and ENISA security data into Claude, enabling developers and security professionals to query vulnerability information and security intelligence directly within their workflow.
"id": "ai.byteray/byteray-mcp", "name": "ByteRay AI", "description": "AI-augmented binary vulnerability analysis with 38 MCP tools for taint tracing and zero-day hunting"
A specialized security auditing agent that automatically scans code, configurations, and dependencies for vulnerabilities and provides actionable remediation guidance. Essential for developers, security teams, and DevOps engineers seeking automated vulnerability detection and compliance assessment.
An MCP server that automates open source release readiness by scanning repositories for secrets, license violations, vulnerabilities, and compliance issues—essential for engineering teams preparing code for public release or internal sharing.
