ReddRadar
Agent skill
osv
CLI for Google's Open Source Vulnerabilities (OSV) project, providing vulnerability scanning and dependency analysis. Core Scenario: When the user needs to scan projects for vulnerabilities or query specific CVE/OSV IDs.
Install this agent skill to your Project
npx add-skill https://github.com/x-cmd/skill/tree/main/data/x-cmd/osv
SKILL.md
osv - Open Source Vulnerabilities Scanner
The osv module provides an interface for the OSV project, enabling users to scan local projects, identify vulnerable dependencies, and retrieve detailed vulnerability information.
When to Activate
- When the user wants to perform a security audit on their project dependencies (npm, pip, etc.).
- When querying detailed information for a specific vulnerability ID (e.g.,
osv-2020-111). - When generating security reports in the SARIF format for integration with CI/CD pipelines.
- When searching for vulnerabilities related to specific software packages and versions.
Core Principles & Rules
- Comprehensive Scanning: Use
sarifto generate standardized security reports. - Eco-System Aware: Supports multiple ecosystems including npm, pypi, and more.
- Search Integration: Uses AI or DuckDuckGo to summarize vulnerability details from the web.
Patterns & Examples
Full Project Scan
# Scan dependencies and generate a SARIF report
x osv sarif
Specific Vulnerability Query
# Get details for a specific vulnerability ID
x osv vuln OSV-2020-111
Check Software Version
# Query vulnerabilities for a specific version of a package
x osv q -p jq -v 1.7.1
Checklist
- Confirm if the user needs a full scan or info on a specific ID.
- Verify the target project directory or package name.
- Ensure the correct ecosystem (pip, npm) is identified if using granular subcommands.
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
x-cmd/skill
pufferlib
High-performance reinforcement learning framework optimized for speed and scale. Use when you need fast parallel training, vectorized environments, multi-agent systems, or integration with game environments (Atari, Procgen, NetHack). Achieves 2-10x speedups over standard implementations. For quick prototyping or standard algorithm implementations with extensive documentation, use stable-baselines3 instead.
x-cmd/skill
fluidsim
Framework for computational fluid dynamics simulations using Python. Use when running fluid dynamics simulations including Navier-Stokes equations (2D/3D), shallow water equations, stratified flows, or when analyzing turbulence, vortex dynamics, or geophysical flows. Provides pseudospectral methods with FFT, HPC support, and comprehensive output analysis.
x-cmd/skill
metabolomics-workbench-database
Access NIH Metabolomics Workbench via REST API (4,200+ studies). Query metabolites, RefMet nomenclature, MS/NMR data, m/z searches, study metadata, for metabolomics and biomarker discovery.
x-cmd/skill
geniml
This skill should be used when working with genomic interval data (BED files) for machine learning tasks. Use for training region embeddings (Region2Vec, BEDspace), single-cell ATAC-seq analysis (scEmbed), building consensus peaks (universes), or any ML-based analysis of genomic regions. Applies to BED file collections, scATAC-seq data, chromatin accessibility datasets, and region-based genomic feature learning.
x-cmd/skill
zinc-database
Access ZINC (230M+ purchasable compounds). Search by ZINC ID/SMILES, similarity searches, 3D-ready structures for docking, analog discovery, for virtual screening and drug discovery.
x-cmd/skill
astropy
Comprehensive Python library for astronomy and astrophysics. This skill should be used when working with astronomical data including celestial coordinates, physical units, FITS files, cosmological calculations, time systems, tables, world coordinate systems (WCS), and astronomical data analysis. Use when tasks involve coordinate transformations, unit conversions, FITS file manipulation, cosmological distance calculations, time scale conversions, or astronomical data processing.
Didn't find tool you were looking for?