gh-greyhaven-ai-claude-code…/skills/security-analysis/templates/INDEX.md
2025-11-29 18:29:28 +08:00

Security Templates

Copy-paste ready templates for security documentation and reporting.

Templates Overview

Security Vulnerability Report

File: security-report.md

Complete vulnerability report template for documenting security findings:

  • Executive Summary - Non-technical overview for stakeholders
  • Vulnerability Details - Technical description, CVSS scoring, affected systems
  • Proof of Concept - Exploitation steps and evidence
  • Business Impact - Risk assessment and potential damage
  • Remediation Steps - Step-by-step fixes with code examples
  • Timeline - Discovery, notification, patch, verification
  • References - CVEs, OWASP, compliance mapping

Use when: Documenting security findings from audits, pentests, or internal discovery


Penetration Testing Report

File: penetration-test.md

Comprehensive penetration testing documentation template:

  • Scope & Methodology - Testing boundaries, rules of engagement
  • Executive Summary - High-level findings for management
  • Testing Methodology - OWASP Testing Guide, tools used
  • Findings Summary - Critical/High/Medium/Low vulnerability counts
  • Detailed Findings - Each vulnerability with PoC and remediation
  • Risk Assessment - CVSS scoring and business impact
  • Remediation Roadmap - Prioritized action plan with deadlines
  • Appendix - Tool outputs, screenshots, raw scan data

Use when: Conducting penetration tests, security audits, or compliance assessments


Quick Usage

# Copy template to project
cp templates/security-report.md ../reports/vuln-2025-001.md

# Fill in sections
vim ../reports/vuln-2025-001.md

# Submit for review
git add ../reports/vuln-2025-001.md
git commit -m "docs: add SQL injection vulnerability report"

Template Conventions

  • Date Format: YYYY-MM-DD (ISO 8601)
  • CVSS Format: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Severity Ratings: Critical (9.0-10.0), High (7.0-8.9), Medium (4.0-6.9), Low (0.1-3.9)
  • Code Blocks: Use triple backticks with language specifier (typescript, python)

