CWE ID 工具
解析、格式化、验证、从文本提取、比较 CWE ID。支持 CWE-79、cwe 79、79 等多种写法,统一规范化输出。
查看 ID 工具 →
CWE Skills 是 AI 原生的 —— 把下面的提示词复制粘贴到你的 Codex / Claude / GPT 等 AI 客户端,它就会按指引安装并使用 cwe 工具,无需你手动查阅文档。
## CWE Skills — AI-Native CWE Integration
You have access to the `cwe` CLI tool for CWE (Common Weakness Enumeration) operations.
### Install
```bash
# Linux / macOS
curl -sL https://github.com/scagogogo/cwe-skills/releases/latest/download/cwe-skills_latest_linux_x86_64.tar.gz | tar xz && sudo mv cwe /usr/local/bin/
# or from source:
git clone https://github.com/scagogogo/cwe-skills.git && cd cwe-skills && go build -o cwe ./cmd/cwe/ && sudo mv cwe /usr/local/bin/
```
Verify: `cwe version`
### Core Commands
| Command | Purpose |
|---------|---------|
| `cwe parse CWE-79` | Parse a CWE ID |
| `cwe validate CWE-79` | Validate CWE ID format |
| `cwe format 79 89 352` | Format to standard CWE-NNN |
| `cwe extract "<text>"` | Extract CWE IDs from text |
| `cwe wellknown check CWE-79` | Check Top 25 / OWASP / SANS membership |
| `cwe wellknown top25` | List CWE Top 25 (2024) |
| `cwe enum abstraction` | List enumeration values |
| `cwe show CWE-79` | Fetch weakness details from MITRE API |
| `cwe relations parents CWE-79` | Query parent weaknesses via API |
| `cwe api-version` | Check MITRE API version |
| `cwe search --xml <file> --keyword Injection` | Search offline XML catalog |
| `cwe filter --xml <file> --abstraction Base --status Stable` | Multi-criteria filter |
| `cwe registry get CWE-79 --xml <file>` | Get entry from local registry |
| `cwe nav ancestors CWE-79 --xml <file>` | Navigate relationships offline |
| `cwe nav shortest-path CWE-79 CWE-1 --xml <file>` | Find shortest path |
| `cwe tree build CWE-1 --xml <file>` | Build hierarchy tree |
| `cwe stats --xml <file>` | XML catalog statistics |
### Output Format
Every command supports `-o json` for structured JSON output. Example: `cwe parse CWE-79 -o json`
### Go SDK
```go
import cweskills "github.com/scagogogo/cwe-skills"
id, _ := cweskills.ParseCWEID("CWE-79")
cweskills.IsInTop25(79) // true
client := cweskills.NewAPIClient()
weakness, _ := client.GetWeakness(ctx, 79)
```
Install: `go get github.com/scagogogo/cwe-skills`
### Documentation
- Full docs: https://scagogogo.github.io/cwe-skills/
- Skills index: https://scagogogo.github.io/cwe-skills/skills/
- SDK reference: https://scagogogo.github.io/cwe-skills/sdk/overview
- CLI reference: https://scagogogo.github.io/cwe-skills/cli/overview💡 怎么用
cwe CLI 并调用它完成 CWE 相关任务🔗 更多接入方式