Deterministic AI-agent remediation skills for Java/Spring Boot security vulnerabilities
Generated: 2026-03-07
- Total Skills: 53
- Languages: Java, Spring Boot
- Compatible With: skills.sh, Claude Code, Cursor, LobeHub
| CWE | Vulnerability | Folder |
|---|---|---|
| CWE-113 | HTTP Response Splitting | cwe-113-http-response-splitting |
| CWE-1333 | ReDoS | cwe-1333-redos |
| CWE-190 | Integer Overflow | cwe-190-integer-overflow |
| CWE-191 | Integer Underflow | cwe-191-integer-underflow |
| CWE-200 | Information Exposure | cwe-200-information-exposure |
| CWE-209 | Error Message Exposure | cwe-209-error-message-exposure |
| CWE-22 | Path Traversal | cwe-22-path-traversal |
| CWE-259 | Hardcoded Password | cwe-259-hardcoded-password |
| CWE-284 | Improper Access Control | cwe-284-improper-access-control |
| CWE-287 | Improper Authentication | cwe-287-improper-authentication |
| CWE-295 | Insecure TLS Trust Manager | cwe-295-insecure-tls-trust-manager |
| CWE-306 | Missing Authentication | cwe-306-missing-authentication |
| CWE-307 | Brute Force Protection | cwe-307-brute-force-protection |
| CWE-311 | Non Encrypted Storage | cwe-311-non-encrypted-storage |
| CWE-319 | Cleartext Transmission | cwe-319-cleartext-transmission |
| CWE-321 | Hardcoded Crypto Key | cwe-321-hardcoded-crypto-key |
| CWE-326 | Inadequate Encryption Strength | cwe-326-inadequate-encryption-strength |
| CWE-327 | Weak Cryptography | cwe-327-weak-cryptography |
| CWE-328 | Weak Hash Algorithm | cwe-328-weak-hash-algorithm |
| CWE-329 | Missing Random IV | cwe-329-missing-random-iv |
| CWE-330 | Weak PRNG | cwe-330-weak-prng |
| CWE-347 | JWT Signature Bypass | cwe-347-jwt-signature-bypass |
| CWE-359 | Privacy Violation | cwe-359-privacy-violation |
| CWE-362 | Race Condition | cwe-362-race-condition |
| CWE-367 | Race Condition TOCTOU | cwe-367-race-condition-toctou |
| CWE-369 | Divide By Zero | cwe-369-divide-by-zero |
| CWE-377 | Insecure Temporary File | cwe-377-insecure-temporary-file |
| CWE-400 | Resource Exhaustion | cwe-400-resource-exhaustion |
| CWE-434 | Unrestricted File Upload | cwe-434-unrestricted-file-upload |
| CWE-501 | Trust Boundary Violation | cwe-501-trust-boundary-violation |
| CWE-522 | Insufficiently Protected Credentials | cwe-522-insufficiently-protected-credentials |
| CWE-532 | Sensitive Info In Logs | cwe-532-sensitive-info-in-logs |
| CWE-552 | Files Accessible Externally | cwe-552-files-accessible-externally |
| CWE-601 | Open Redirect | cwe-601-open-redirect |
| CWE-606 | Unchecked Loop Condition | cwe-606-unchecked-loop-condition |
| CWE-613 | Insufficient Session Expiration | cwe-613-insufficient-session-expiration |
| CWE-643 | XPath Injection | cwe-643-xpath-injection |
| CWE-693 | Missing Security Headers | cwe-693-missing-security-headers |
| CWE-732 | Improper File Permissions | cwe-732-improper-file-permissions |
| CWE-77 | Command Injection | cwe-77-command-injection |
| CWE-776 | XML Entity Expansion | cwe-776-xml-entity-expansion |
| CWE-78 | OS Command Injection | cwe-78-os-command-injection |
| CWE-780 | RSA Without OAEP | cwe-780-rsa-without-oaep |
| CWE-79 | XSS | cwe-79-xss |
| CWE-798 | Hardcoded Credentials | cwe-798-hardcoded-credentials |
| CWE-820 | Unsynchronized Access | cwe-820-unsynchronized-access |
| CWE-833 | Deadlock | cwe-833-deadlock |
| CWE-89 | SQL Injection | cwe-89-sql-injection |
| CWE-90 | LDAP Injection | cwe-90-ldap-injection |
| CWE-91 | XML Injection | cwe-91-xml-injection |
| CWE-917 | Expression Language Injection | cwe-917-expression-language-injection |
| CWE-93 | CRLF Injection | cwe-93-crlf-injection |
| CWE-94 | Code Injection | cwe-94-code-injection |
These skills are automatically indexed by skills.sh.
Reference a skill when fixing vulnerabilities:
Fix the CWE-89 SQL Injection vulnerability in this file using the cwe-89-sql-injection skill
- CWE-89: SQL Injection
- CWE-79: Cross-Site Scripting (XSS)
- CWE-90: LDAP Injection
- CWE-643: XPath Injection
- CWE-917: Expression Language Injection
- CWE-327: Weak Cryptography
- CWE-326: Inadequate Encryption Strength
- CWE-328: Weak Hash Algorithm
- CWE-330: Weak PRNG
- CWE-321: Hardcoded Cryptographic Key
- CWE-22: Path Traversal
- CWE-77: Command Injection
- CWE-434: Unrestricted File Upload
- CWE-918: Server-Side Request Forgery (SSRF)
- CWE-601: Open Redirect
- CWE-611: XML External Entity (XXE)
- CWE-502: Insecure Deserialization
- CWE-117: Log Injection
- Fork this repository
- Add new skill in cwe-XXX-name/SKILL.md
- Submit pull request
License: MIT