cyberneticlibrary

Hunt security vulnerabilities for bounties

security-bounty-hunter skill setup L20
Sheshiyer/skill-clusters
What it does

Scan open-source projects for security vulnerabilities and report bounty eligibility

Best for

Identifying reportable security issues in open-source projects before bug-bounty submission

Inputs
  • GitHub repo URL or local path
Outputs
  • vulnerability scan report
  • bounty program eligibility checklist
Requires
  • OWASP Dependency-Check OR similar vulnerability scanner
  • GitHub API (optional)
Preconditions

Repo cloned or URL accessible; scanner tool installed

Failure modes
  • Scanner misses zero-day vulnerabilities
  • False positives on deprecated but harmless dependencies
Trust signals
  • Integrates with known bounty platforms
  • Checks dependency versions against CVE database