Skills
.Work. You
Rest

form-security-analyzer

Community

Static HTML form security checks — safe, no requests.

Software Engineering#html#security#vulnerability#forms#input-validation#static-analysis#csrf
Authornaporin0624
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Static security analysis of HTML forms without sending any requests. Checks for CSRF tokens, insecure actions, missing validation, hidden field issues, and common misconfigurations.

Core Features & Use Cases

  • CSRF token presence checks
  • Insecure HTTP form actions detection
  • Flagging state-changing GET methods
  • Hidden field analysis for IDOR and sensitive data
  • Input validation and autocomplete checks
  • Inline event handlers detection
  • Clear text reports or JSON outputs for automation

Quick Start

  • Install: npm install
  • Build: npm run build
  • Analyze a file (JSON): npx tsx src/index.ts path/to/file.html --json
  • Analyze a file (text): npx tsx src/index.ts path/to/file.html

Dependency Matrix

Required Modules

cheerio

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: form-security-analyzer
Download link: https://github.com/naporin0624/claude-web-audit-plugins/archive/main.zip#form-security-analyzer

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository