.NET async cancellation and fire-and-forget lifecycle
Bounded audit or remediation to propagate CancellationToken and observe every Task failure.
- code hygiene
- audit
- remediation
Move from a vulnerability signal to a reviewable action path. Exact CVE links open the matching source record and recommended workflows; broader searches help people and agents find the right audit, containment, or remediation recipe.
Start with a CVE, affected product, security finding, or desired outcome. Source evidence and human-reviewed action paths stay connected, so teams can move from “what is this?” to a bounded, verifiable change.
Showing 18 of 167 curated recipes.
Dense list viewBounded audit or remediation to propagate CancellationToken and observe every Task failure.
Bounded audit or remediation to dispose synchronous and asynchronous resources exactly once after their final use.
Bounded audit or remediation to avoid repeated enumeration, client evaluation, N+1 loading, and leaked query lifetimes.
Bounded audit or remediation to resolve nullable and analyzer warnings without null-forgiving or pragma expansion.
Bounded audit or remediation to remove data races, lock-order hazards, and detached thread lifetimes.
Bounded audit or remediation to remove unchecked bounds, lossy arithmetic, lifetime, and undefined-behavior hazards.
Bounded audit or remediation to resolve portable compiler diagnostics without blanket flags or pragmas.
Bounded audit or remediation to make mutation and non-owning view lifetimes explicit.
Bounded audit or remediation to make memory, file, socket, lock, and handle ownership explicit.
Bounded audit or remediation to bound CI jobs and prevent stale caches and duplicate workflow races.
Organizations using the CIS Controls and Implementation Groups to prioritize a defensible baseline security program.
Critical infrastructure owners and operators prioritizing a voluntary baseline of high-impact cybersecurity practices while CISA updates the CPGs for CSF 2.0.
Criminal justice agencies, noncriminal justice agencies, and service providers handling Criminal Justice Information under applicable agreements.
Defense contractors and subcontractors whose solicitations or contracts specify a CMMC level and assessment requirement for FCI or CUI.
Enterprises designing, evaluating, or improving governance of information and technology using COBIT 2019.
Bounded audit or remediation to reduce hard-to-review control flow without changing behavior.
Bounded audit or remediation to make invalid configuration fail clearly and defaults behave consistently.
Bounded audit or remediation to make PID 1 signal handling, readiness, health, and graceful shutdown correct.
Try clearing a filter, or send this query to the complete CVE catalog.
Paste a complete CVE ID to open the exact record, source facts, and matched curated workflows. Or search a product or vulnerability title, then narrow the full catalog by severity, year, or CISA KEV status.
Recipes guide people and agents; they do not enforce policy.
Back recipes with scoped credentials, branch protections, CODEOWNERS, and required CI. Never treat generated remediation as proof that a system is safe.
Use the curated JSON feed for workflow discovery and the dedicated CVE catalog tools for exact or filtered vulnerability lookup. MCP access should remain read-only unless the task explicitly authorizes a specific write.
Use approved MCP servers as read-only evidence.
Do not create tickets, push branches, rotate secrets, deploy changes, or alter
cloud resources through MCP unless this task explicitly grants that permission.
Maintainers can run recipes_quality_report through MCP to find recipes that
need stronger inputs, output contracts, verification, or guardrails.
Contributions can add workflows, evidence checks, toolsets, templates, or reviewed CVE overrides. Remove secrets, internal hostnames, customer data, and private vulnerability details first, then follow the contribution process.