Data Flow Tracing
CommunityTrace data from source to sink.
Software Engineering#code analysis#data flow#pentesting#vulnerability research#taint analysis#source to sink
Authorallsmog
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This skill helps security professionals understand how user-controlled data moves through an application, which is critical for identifying and confirming vulnerabilities.
Core Features & Use Cases
- Source Identification: Pinpoints where external input enters the application (e.g., HTTP requests, database reads).
- Sink Identification: Locates security-sensitive functions where data could be misused (e.g., command execution, SQL queries).
- Data Transformation Tracking: Documents how data is modified, encoded, or filtered between source and sink.
- Use Case: A developer suspects that user input might be used in a system command. This skill guides them to trace that input from the web request parameters all the way to the
system()function, verifying if it's controllable and exploitable.
Quick Start
Use the data flow tracing skill to follow user input from the $_GET parameter to the exec function in the provided PHP code.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: Data Flow Tracing Download link: https://github.com/allsmog/vuln-scout/archive/main.zip#data-flow-tracing Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.