injection-hunter
CommunityHunt for input injection vulnerabilities in code.
Software Engineering#vulnerability#xss#injection#sql-injection#command-injection#path-traversal#taint-analysis
AuthorMAF2414
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Injection vulnerabilities arise when untrusted user input flows into sensitive operations, enabling attackers to manipulate behavior or exfiltrate data. This Skill helps identify and trace tainted data from sources to dangerous sinks across the codebase, covering SQL injection, OS command injection, XSS, SSTI, path traversal, LDAP and XML injections.
Core Features & Use Cases
- Taint-tracking across input sources to dangerous sinks (SQL, command, XSS, SSTI, path traversal, LDAP/XML)
- Identify common insecure patterns and provide remediation guidance
- Generate structured findings suitable for remediation planning and compliance
Quick Start
Analyze a codebase to locate and report injection flaws from user input to dangerous sinks.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: injection-hunter Download link: https://github.com/MAF2414/kyco/archive/main.zip#injection-hunter Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.