Scan project dependencies for known vulnerabilities. Automatically detect and parse package files (package.json, requirements.txt, Gemfile, go.mod, pom.xml) and check all dependencies against the CVE database. Use when you want to audit a project for security vulnerabilities, check if dependencies have known CVEs, or generate a vulnerability report for compliance.
Install with:

```bash
npx add-skill https://github.com/Mearman/marketplace/blob/main/plugins/cve-search/skills/cve-audit/SKILL.md -a claude-code --skill cve-audit
```

Installation paths:

- `.claude/skills/cve-audit/`

# CVE Dependency Audit

Automatically scan your project's dependencies and identify known Common Vulnerabilities and Exposures (CVEs). Supports Node.js, Python, Ruby, Go, and Maven projects.

## Quick Start

```bash
# Scan current directory
npx tsx scripts/audit.ts

# Scan specific directory
npx tsx scripts/audit.ts /path/to/project

# Only show critical vulnerabilities
npx tsx scripts/audit.ts --severity critical

# Get fresh data (bypass cache)
npx tsx scripts/audit.ts --no-cache

# Output as JSON
npx tsx scripts/audit.ts --json
```

Run from the cve-search plugin directory: `~/.claude/plugins/cache/cve-search/`

## Usage

```bash
npx tsx scripts/audit.ts [directory] [options]
```

### Options

| Option | Description |
|--------|-------------|
| `[directory]` | Directory to scan (default: current directory) |
| `--severity <level>` | Filter by severity: `critical`, `high`, `medium`, `low` |
| `--no-cache` | Bypass cache and fetch fresh data |
| `--json` | Output results as JSON |
| `--help` | Show help message |

## Supported Package Managers

The skill automatically detects and parses dependency files from multiple ecosystems:

### Node.js / npm

- **File**: `package.json`
- **Detects**: `dependencies`, `devDependencies`, `peerDependencies`
- **Example**: `"express": "^4.18.0"`

### Python / pip

- **File**: `requirements.txt`
- **Detects**: Pinned versions and ranges
- **Example**: `django==3.2.10` or `requests>=2.25.0`

### Ruby / Bundler

- **File**: `Gemfile`
- **Detects**: Gem dependencies with versions
- **Example**: `gem 'rails', '~> 6.1.0'`

### Go / Go Modules

- **File**: `go.mod`
- **Detects**: Direct and indirect dependencies
- **Example**: `require github.com/user/repo v1.2.3`

### Java / Maven

- **File**: `pom.xml`
- **Detects**: Project and transitive dependencies
- **Example**: `<artifactId>log4j-core</artifactId>`

## How It Works

1. **Discovery**: Scans for supported dependency files in the directory
2. **Parsing**: Extracts package names and versi
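The discovery and parsing steps for the five file types listed above, as an added example in TypeScript (the language `scripts/audit.ts` is run with). This is not the skill's own code: the `Dep` record type, the `auditFiles` helper and the `SAMPLES` file contents are assumptions made for this illustration, and the CVE lookup that follows parsing is not included. Each parser returns `{ecosystem, name, version}` records and keeps the version constraint as written (`^4.18.0`, `>=2.25.0`, `~> 6.1.0`), so the matching stage decides how to interpret it; the pom.xml parser also resolves `${property}` versions from `<properties>`, a common way for a Maven dependency's version to go missing from a naive scan.

```typescript
// Added example, not the cve-audit skill's own code: a minimal dependency
// extractor for the five dependency files the skill lists. "version" keeps the
// constraint text as written so the CVE lookup stage (not shown) can match it.

export interface Dep { ecosystem: string; name: string; version: string }

// package.json: dependencies, devDependencies and peerDependencies
export function parsePackageJson(text: string): Dep[] {
  const pkg = JSON.parse(text) as Record<string, Record<string, string> | undefined>;
  const out: Dep[] = [];
  for (const field of ["dependencies", "devDependencies", "peerDependencies"]) {
    const section: Record<string, string> = pkg[field] ?? {};
    for (const [name, version] of Object.entries(section)) {
      out.push({ ecosystem: "npm", name, version });
    }
  }
  return out;
}

// requirements.txt: pinned (==) and ranged (>=, ~=) specifiers; comments, blank
// lines, extras such as "[standard]" and option lines ("-r", "-e") are handled
export function parseRequirements(text: string): Dep[] {
  const out: Dep[] = [];
  for (const raw of text.split("\n")) {
    const line = raw.replace(/#.*/, "").trim();
    if (!line || line.startsWith("-")) continue;
    const m = /^([A-Za-z0-9_.-]+)(?:\[[^\]]*\])?\s*(.*)$/.exec(line);
    if (m) out.push({ ecosystem: "pypi", name: m[1], version: m[2] || "*" });
  }
  return out;
}

// Gemfile: gem 'name', 'constraint' (the constraint is optional)
export function parseGemfile(text: string): Dep[] {
  const re = /^\s*gem\s+['"]([^'"]+)['"](?:\s*,\s*['"]([^'"]+)['"])?/gm;
  return Array.from(text.matchAll(re), (m) => ({ ecosystem: "rubygems", name: m[1], version: m[2] ?? "*" }));
}

// go.mod: single-line and block "require" entries; "// indirect" ones are kept
export function parseGoMod(text: string): Dep[] {
  const out: Dep[] = [];
  let inBlock = false;
  for (const raw of text.split("\n")) {
    const line = raw.replace(/\/\/.*$/, "").trim(); // strip "// indirect" comments
    if (!line) continue;
    if (/^require\s*\($/.test(line)) { inBlock = true; continue; }
    if (inBlock && line === ")") { inBlock = false; continue; }
    const m = inBlock ? /^(\S+)\s+(\S+)$/.exec(line) : /^require\s+(\S+)\s+(\S+)$/.exec(line);
    if (m) out.push({ ecosystem: "go", name: m[1], version: m[2] });
  }
  return out;
}

// pom.xml: <dependency> blocks; ${property} versions are resolved from <properties>
export function parsePomXml(text: string): Dep[] {
  const props = new Map<string, string>();
  const propsBlock = /<properties>([\s\S]*?)<\/properties>/.exec(text)?.[1] ?? "";
  for (const m of propsBlock.matchAll(/<([\w.-]+)>([^<]*)<\/\1>/g)) props.set(m[1], m[2].trim());
  const tag = (block: string, name: string) =>
    new RegExp(`<${name}>([^<]*)</${name}>`).exec(block)?.[1].trim();
  const out: Dep[] = [];
  for (const m of text.matchAll(/<dependency>([\s\S]*?)<\/dependency>/g)) {
    const group = tag(m[1], "groupId");
    const artifact = tag(m[1], "artifactId");
    if (!group || !artifact) continue;
    const version = (tag(m[1], "version") ?? "*")
      .replace(/\$\{([\w.-]+)\}/g, (whole, key: string) => props.get(key) ?? whole);
    out.push({ ecosystem: "maven", name: `${group}:${artifact}`, version });
  }
  return out;
}

// Discovery: the file names the skill recognises, mapped to their parsers
const PARSERS = new Map<string, (text: string) => Dep[]>([
  ["package.json", parsePackageJson],
  ["requirements.txt", parseRequirements],
  ["Gemfile", parseGemfile],
  ["go.mod", parseGoMod],
  ["pom.xml", parsePomXml],
]);

// Scan an in-memory "directory" (file name -> contents); a real scanner reads from disk
export function auditFiles(files: Record<string, string>): Dep[] {
  return Object.entries(files).flatMap(([name, text]) => PARSERS.get(name)?.(text) ?? []);
}

// Constructed sample files, one per supported ecosystem (all values are made up)
export const SAMPLES: Record<string, string> = {
  "package.json": '{"name":"demo","dependencies":{"express":"^4.18.0"},"devDependencies":{"jest":"29.0.0"},"peerDependencies":{"react":">=17"}}',
  "requirements.txt": "# web stack\ndjango==3.2.10\nrequests>=2.25.0  # http client\n-r dev.txt\nuvicorn[standard]~=0.20\n",
  "Gemfile": "source 'https://rubygems.org'\ngem 'rails', '~> 6.1.0'\ngem \"rake\"\n",
  "go.mod": "module example.com/demo\n\ngo 1.21\n\nrequire github.com/user/repo v1.2.3\n\nrequire (\n\tgolang.org/x/text v0.14.0\n\tgithub.com/other/lib v0.0.1 // indirect\n)\n",
  "pom.xml": "<project><properties><log4j.version>2.20.0</log4j.version></properties><dependencies>" +
    "<dependency><groupId>org.apache.logging.log4j</groupId><artifactId>log4j-core</artifactId><version>${log4j.version}</version></dependency>" +
    "<dependency><groupId>junit</groupId><artifactId>junit</artifactId></dependency></dependencies></project>",
  "README.md": "not a dependency file; skipped by discovery",
};

for (const d of auditFiles(SAMPLES)) console.log(`${d.ecosystem.padEnd(8)} ${d.name} ${d.version}`);
```

Run it with `npx tsx` to print one line per dependency across all five sample files; the `README.md` entry shows that discovery only consults files whose names it knows, and the `junit:junit` entry (no `<version>`) and `gem "rake"` (no constraint) come out with `*` so that a missing version is visible to the lookup stage rather than silently dropped.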