OpenSkillIndex← back to search
claude-code

Skills snyk

install
source · Clone the upstream repo
git clone https://github.com/TerminalSkills/skills
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/TerminalSkills/skills "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/snyk" ~/.claude/skills/terminalskills-skills-snyk && rm -rf "$T"
manifest: skills/snyk/SKILL.md
safety · automated scan (low risk)
This is a pattern-based risk scan, not a security review. Our crawler flagged:
  • global npm install
Always read a skill's source content before installing. Patterns alone don't mean the skill is malicious — but they warrant attention.
source content

Snyk

Overview

Snyk finds and fixes vulnerabilities in open-source dependencies, container images, IaC configs, and code. Integrates into CLI, CI/CD, Git repos, and IDEs.

Instructions

Step 1: Setup

npm install -g snyk
snyk auth

Step 2: Scan Dependencies

snyk test                    # test for vulnerabilities
snyk monitor                 # continuous monitoring
snyk fix                     # auto-fix vulnerabilities

Step 3: Container Scanning

snyk container test node:20-alpine
snyk container test my-app:latest --file=Dockerfile

Step 4: IaC Scanning

snyk iac test                # scan Terraform, K8s manifests
snyk iac test --report       # upload to dashboard

Guidelines

  • Free tier: 200 dependency tests/month, unlimited container tests.
  • Use 
    --severity-threshold=high
    in CI to fail only on critical issues.
  • snyk fix
    auto-generates PRs with dependency upgrades.
  • Alternatives: npm audit (basic), GitHub Dependabot (free), Socket.dev (supply chain).