
security-reviewer-formats
✓ Official★ 1,200by microsoft · part of microsoft/hve-core
Format specifications and data contracts for the security reviewer orchestrator and its subagents - Brought to you by microsoft/hve-core.
This is the playbook your agent receives when the skill activates — you don't need to read it to use the skill, but it's here to audit before installing.
by microsoft
Format specifications and data contracts for the security reviewer orchestrator and its subagents - Brought to you by microsoft/hve-core.
npx skills add https://github.com/microsoft/hve-core --skill security-reviewer-formats
Download ZIPGitHub1.2k
Security Reviewer Formats — Skill Entry
This SKILL.md is the entrypoint for the security reviewer format specifications skill.
The skill provides shared format templates and data contracts used by the security reviewer orchestrator and its subagents during vulnerability assessments. Each reference file covers a focused area of the reporting pipeline.
Normative references
-
Report Formats — VULN_REPORT_V1 template, diff mode qualifiers, and PLAN_REPORT_V1 template.
-
Finding Formats — Finding Serialization Format and Verified Findings Collection Format.
-
Completion Formats — Scan Status Format, Scan Completion Format, and Minimal Profile Stub Format.
-
Severity Definitions — Standard severity level definitions for all OWASP skill assessments.
Skill layout
-
SKILL.md— this file (skill entrypoint). -
references/— format specification documents. -
report-formats.md— full report templates for audit, diff, and plan modes. -
finding-formats.md— serialization and collection formats for findings exchange between subagents. -
completion-formats.md— status updates, completion summaries, and the minimal profile stub. -
severity-definitions.md— severity level table shared across all assessments.
npx skills add https://github.com/microsoft/hve-core --skill security-reviewer-formatsRun this in your project — your agent picks the skill up automatically.
No common issues documented yet. If you hit a problem, the repository's GitHub Issues page is the best place to look.