Remediation Library

This skill is an index to modular remediation guides. Use the specialized skills below for focused remediation guidance.

When to Use This Skill

• Finding the right remediation skill - Use this index to route to the appropriate specialized skill
• Overview of available fixes - Quick reference of what's available

When NOT to Use This Skill

• Detecting vulnerabilities - Use vulnerability-patterns skill
• Specific remediation - Use the specialized skills directly (faster)

Specialized Remediation Skills

remediation-injection

Covers: SQL Injection, Command Injection, XSS CWEs: CWE-89, CWE-78, CWE-79 Use when: Fixing injection vulnerabilities, code review feedback

remediation-crypto

Covers: Weak Cryptography, Insecure Randomness, TLS Issues CWEs: CWE-327, CWE-330, CWE-295 Use when: Fixing crypto vulnerabilities, upgrading algorithms

remediation-auth

Covers: Hardcoded Credentials, JWT Security, Deserialization, Access Control CWEs: CWE-798, CWE-347, CWE-502, CWE-862 Use when: Fixing auth issues, secrets management, authorization

remediation-config

Covers: Path Traversal, Debug Mode, Security Headers CWEs: CWE-22, CWE-489, CWE-693 Use when: Fixing deployment issues, hardening configuration

Quick Routing Guide

OWASP Mapping

See Also

• vulnerability-patterns - Detection patterns
• asvs-requirements - ASVS compliance mapping
• audit-report - Report formatting