How does this skill reduce security noise?

It performs reachability and data flow analysis to determine if a theoretical vulnerability can actually be triggered by an external attacker, automatically filtering out findings in unreachable or dead code.

What inputs are required to run this skill?

You need a security-findings.json (typically from a security scan) and a .factory/threat-model.md file to provide necessary system context.

Does it actually exploit my production system?

No, the skill generates benign proof-of-concept payloads and documentation to demonstrate the vulnerability's existence without causing actual damage or data loss.

Can I target specific vulnerabilities for validation?

Yes, you can configure the skill to validate specific finding IDs or filter by a minimum severity level, such as only validating High and Critical findings.

How is the severity of a validated finding determined?

The skill calculates a CVSS 3.1 score based on the attack vector, complexity, required privileges, and the specific impact on confidentiality, integrity, and availability.

Security Vulnerability Validation

Name: Security Vulnerability Validation
Author: Factory-AI

byFactory-AI

0•

Security & Testing

Validates security scan results by performing reachability analysis and generating proof-of-concept exploits to confirm real-world exploitability.

The Security Vulnerability Validation skill automates the critical process of triaging security findings by determining if a vulnerability is truly reachable and exploitable within the specific context of your codebase. By analyzing data flow, control chains, and existing mitigations, it effectively filters out false positives and provides actionable proof-of-concept (PoC) payloads. This allows developers and security teams to prioritize high-impact issues and move directly to remediation with confidence, significantly reducing the time spent investigating non-exploitable security noise.

Key Features

01False positive filtering to ensure only legitimate security risks are reported

02Detailed CVSS 3.1 scoring to provide standardized severity assessments for all findings

030 GitHub stars

04Control flow analysis to detect existing sanitization, encoding, or framework-level protections

05Automated proof-of-concept (PoC) exploit generation for confirmed vulnerabilities

06Reachability analysis to trace entry points and call chains from external input to vulnerable sinks

Use Cases

01Triage automated security scan results before creating tickets or blocking pull requests

02Perform deep-dive security reviews on high-severity findings to assess actual business risk

03Generate reproducible exploit payloads to verify security patches during the remediation phase

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add factory-ai/skills vulnerability-validation

For use in Claude.ai and ChatGPT

Download Skill