Java CWE Security Skills Collection

53 AI-ready security remediation guides for Java vulnerabilities

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Install skill "Java CWE Security Skills Collection" with this command: npx skills add DevelopersCoffee/java-cwe-security-skills

Use this skill when fixing Java security vulnerabilities, remediating SAST findings, or resolving CWE issues.

Quick Install

npx skills add DevelopersCoffee/java-cwe-security-skills --all

What is Included

53 deterministic remediation patterns for CWEs in Java.

Skills by Category

Critical - Injection

  • CWE-89: SQL Injection
  • CWE-79: Cross-Site Scripting
  • CWE-78: OS Command Injection
  • CWE-94: Code Injection

Critical - Authentication

  • CWE-287: Improper Authentication
  • CWE-306: Missing Authentication
  • CWE-284: Improper Access Control

High - Cryptography

  • CWE-327: Broken Crypto Algorithm
  • CWE-328: Weak Hash
  • CWE-330: Insufficient Randomness

High - Data Exposure

  • CWE-200: Information Exposure
  • CWE-209: Error Message Exposure
  • CWE-532: Log Injection

Medium - Input Validation

  • CWE-22: Path Traversal
  • CWE-611: XXE Injection
  • CWE-502: Insecure Deserialization

Medium - Resource Management

  • CWE-400: Resource Exhaustion
  • CWE-770: Resource Allocation Limits

Repository

https://github.com/DevelopersCoffee/java-cwe-security-skills

License: MIT

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.
