Komodo MCP Server

Komodo-MCP
.claude
skills
v3-security-overhaul

SKILL.md

SKILL.md•2.38 KiB

--- name: "V3 Security Overhaul" description: "Complete security architecture overhaul for claude-flow v3. Addresses critical CVEs (CVE-1, CVE-2, CVE-3) and implements secure-by-default patterns. Use for security-first v3 implementation." --- # V3 Security Overhaul ## What This Skill Does Orchestrates comprehensive security overhaul for claude-flow v3, addressing critical vulnerabilities and establishing security-first development practices using specialized v3 security agents. ## Quick Start ```bash # Initialize V3 security domain (parallel) Task("Security architecture", "Design v3 threat model and security boundaries", "v3-security-architect") Task("CVE remediation", "Fix CVE-1, CVE-2, CVE-3 critical vulnerabilities", "security-auditor") Task("Security testing", "Implement TDD London School security framework", "test-architect") ``` ## Critical Security Fixes ### CVE-1: Vulnerable Dependencies ```bash npm update @anthropic-ai/claude-code@^2.0.31 npm audit --audit-level high ``` ### CVE-2: Weak Password Hashing ```typescript // ❌ Old: SHA-256 with hardcoded salt const hash = crypto.createHash('sha256').update(password + salt).digest('hex'); // ✅ New: bcrypt with 12 rounds import bcrypt from 'bcrypt'; const hash = await bcrypt.hash(password, 12); ``` ### CVE-3: Hardcoded Credentials ```typescript // ✅ Generate secure random credentials const apiKey = crypto.randomBytes(32).toString('hex'); ``` ## Security Patterns ### Input Validation (Zod) ```typescript import { z } from 'zod'; const TaskSchema = z.object({ taskId: z.string().uuid(), content: z.string().max(10000), agentType: z.enum(['security', 'core', 'integration']) }); ``` ### Path Sanitization ```typescript function securePath(userPath: string, allowedPrefix: string): string { const resolved = path.resolve(allowedPrefix, userPath); if (!resolved.startsWith(path.resolve(allowedPrefix))) { throw new SecurityError('Path traversal detected'); } return resolved; } ``` ### Safe Command Execution ```typescript import { execFile } from 'child_process'; // ✅ Safe: No shell interpretation const { stdout } = await execFile('git', [userInput], { shell: false }); ``` ## Success Metrics - **Security Score**: 90/100 (npm audit + custom scans) - **CVE Resolution**: 100% of critical vulnerabilities fixed - **Test Coverage**: >95% security-critical code - **Implementation**: All secure patterns documented and tested

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Secure-ISS/Komodo-MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

SKILL.md•2.38 KiB