Skills
.Work. You
Rest

cwe-78-os-command-injection

Official

Secure Java OS command execution.

Software Engineering#security#remediation#java#sast#command-injection#cwe-78
AuthorDevelopersCoffee
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill addresses vulnerabilities arising from the improper neutralization of OS commands in Java applications, preventing potential command injection attacks.

Core Features & Use Cases

  • Vulnerability Remediation: Identifies and provides secure alternatives for code that executes OS commands with user-controlled input.
  • Secure Coding Practices: Guides developers towards using safer methods like ProcessBuilder and input validation.
  • Use Case: When a SAST tool flags a Runtime.getRuntime().exec() call that uses external input, this Skill can be invoked to refactor the code into a secure ProcessBuilder implementation with input sanitization.

Quick Start

Use the cwe-78-os-command-injection skill to secure the provided Java code snippet that executes an OS command.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: cwe-78-os-command-injection
Download link: https://github.com/DevelopersCoffee/java-cwe-security-skills/archive/main.zip#cwe-78-os-command-injection

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.