js-code-analysis
CommunityAutomated JS security code analysis.
Software Engineering#security#vulnerability#javascript#web-security#code-analysis#bug-bounty#ast-patterns
Authormswell
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This skill provides specialized JavaScript/TypeScript code analysis to identify common security vulnerabilities in web applications, supporting bug bounty workflows and secure development practices.
Core Features & Use Cases
- Framework-aware scanning for Express.js and Next.js to map routes, identify risky patterns, and produce actionable findings.
- Pattern-based vulnerability detection leveraging a curated set of JavaScript security patterns (prototype pollution, IDOR, SSRF, command injection, NoSQL injection, XSS, etc.) with examples and remediation tips.
- Reporting ready outputs including structured JSON and readable Markdown reports suitable for security reviews and stakeholder communication.
Quick Start
Analyze a target JavaScript project by running the analyze.js script against the codebase.
Dependency Matrix
Required Modules
@ast-grep/cli
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: js-code-analysis Download link: https://github.com/mswell/dotfiles/archive/main.zip#js-code-analysis Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.