Back to skills
extension
Category: Development & EngineeringNo API key required

Java CWE Security Skills Collection

53 AI-ready security remediation guides for Java vulnerabilities

personAuthor: jakexiaohubgithub

Java CWE Security Skills Collection

Use this skill when fixing Java security vulnerabilities, remediating SAST findings, or resolving CWE issues.

Quick Install

npx skills add DevelopersCoffee/java-cwe-security-skills --all

What is Included

53 deterministic remediation patterns for CWEs in Java.

Skills by Category

Critical - Injection

  • CWE-89: SQL Injection
  • CWE-79: Cross-Site Scripting
  • CWE-78: OS Command Injection
  • CWE-94: Code Injection

Critical - Authentication

  • CWE-287: Improper Authentication
  • CWE-306: Missing Authentication
  • CWE-284: Improper Access Control

High - Cryptography

  • CWE-327: Broken Crypto Algorithm
  • CWE-328: Weak Hash
  • CWE-330: Insufficient Randomness

High - Data Exposure

  • CWE-200: Information Exposure
  • CWE-209: Error Message Exposure
  • CWE-532: Log Injection

Medium - Input Validation

  • CWE-22: Path Traversal
  • CWE-611: XXE Injection
  • CWE-502: Insecure Deserialization

Medium - Resource Management

  • CWE-400: Resource Exhaustion
  • CWE-770: Resource Allocation Limits

Repository

https://github.com/DevelopersCoffee/java-cwe-security-skills

License: MIT