snyk
Find and fix vulnerabilities in code and dependencies with Snyk. Use when a user asks to scan for security vulnerabilities, audit npm packages, check Docker images for CVEs, or integrate security into CI/CD.
#snyk #vulnerability #dependencies #docker #ci-cd
terminal-skills v1.0.0
Works with: claude-code, openai-codex, gemini-cli, cursor
Usage
$
✓ Installed snyk v1.0.0
Getting Started
- Install the skill using the command above
- Open your AI coding agent (Claude Code, Codex, Gemini CLI, or Cursor)
- Reference the skill in your prompt
- The AI will use the skill's capabilities automatically
Example Prompts
- "Deploy the latest build to the staging environment and run smoke tests"
- "Check the CI pipeline status and summarize any recent failures"
Documentation
Overview
Snyk finds and fixes vulnerabilities in open-source dependencies, container images, IaC configs, and code. It integrates into the CLI, CI/CD pipelines, Git repos, and IDEs.
Instructions
Step 1: Setup
```bash
npm install -g snyk
snyk auth
```
Step 2: Scan Dependencies
```bash
snyk test      # test for vulnerabilities
snyk monitor   # continuous monitoring
snyk fix       # auto-fix vulnerabilities
```
Step 3: Container Scanning
```bash
snyk container test node:20-alpine
snyk container test my-app:latest --file=Dockerfile
```
Step 4: IaC Scanning
```bash
snyk iac test            # scan Terraform, K8s manifests
snyk iac test --report   # upload to dashboard
```
Guidelines
- Free tier: 200 dependency tests/month, unlimited container tests.
- Use `--severity-threshold=high` in CI to fail only on high- and critical-severity issues.
- `snyk fix` auto-generates PRs with dependency upgrades.
- Alternatives: npm audit (basic), GitHub Dependabot (free), Socket.dev (supply chain).
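A CI gate built on the severity threshold has to tell "vulnerabilities found" apart from "the scan itself failed", otherwise a broken scan can pass silently. The wrapper below is an added example, not part of the skill; the function names and the `SNYK_BIN` and `SNYK_REPORT` variables are assumptions, while the exit codes are the ones the Snyk CLI documents for `snyk test`.

```bash
#!/usr/bin/env bash
# Added example: CI gate around `snyk test`.
# classify_snyk_exit, run_snyk_gate, SNYK_BIN and SNYK_REPORT are names
# assumed for this sketch.

# Map the Snyk CLI exit code to a gate verdict.
#   0 = no vulnerabilities at or above the threshold
#   1 = vulnerabilities found
#   2 = the scan failed (auth, network, bad arguments)
#   3 = no supported project was detected
classify_snyk_exit() {
  case "$1" in
    0) echo "pass" ;;
    1) echo "fail-vulnerable" ;;
    2) echo "fail-scan-error" ;;
    3) echo "fail-no-project" ;;
    *) echo "fail-unknown" ;;   # e.g. 127 when the CLI is not installed
  esac
}

# Run the scan and fail closed: only exit code 0 passes the gate.
# $1 is the severity threshold (default: high).
run_snyk_gate() {
  threshold="${1:-high}"
  rc=0
  # Capture the exit code instead of masking it with `|| true`.
  # --json-file-output keeps the findings as a build artifact for triage.
  "${SNYK_BIN:-snyk}" test \
    --severity-threshold="$threshold" \
    --json-file-output="${SNYK_REPORT:-snyk-report.json}" || rc=$?
  verdict=$(classify_snyk_exit "$rc")
  echo "snyk gate: exit=$rc verdict=$verdict threshold=$threshold" >&2
  [ "$verdict" = "pass" ]
}
```

Source the file in the pipeline step and call `run_snyk_gate high`; the step then fails on findings, on scan errors, and when no project is detected.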
Information
- Version: 1.0.0
- Author: terminal-skills
- Category: DevOps
- License: Apache-2.0