ldap-injection-anti-pattern
CommunityPrevent LDAP injection attacks.
Authorigbuend
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill addresses the critical security vulnerability of LDAP injection, which can lead to unauthorized data access, authentication bypass, and system compromise by preventing the insecure construction of LDAP queries with user-supplied input.
Core Features & Use Cases
- Vulnerability Detection: Identifies instances where user input is directly concatenated into LDAP filters without proper escaping.
- Secure Coding Guidance: Provides clear "BAD" and "GOOD" code examples across multiple languages (Python, Java, C#, Node.js) demonstrating secure escaping techniques and the use of bind operations for authentication.
- Use Case: A developer is building a user authentication system that queries an LDAP directory. This Skill helps them ensure that usernames and passwords are handled securely, preventing attackers from manipulating the LDAP query to gain unauthorized access.
Quick Start
Review the provided code examples to understand how to securely escape user input when constructing LDAP filters.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: ldap-injection-anti-pattern Download link: https://github.com/igbuend/grimbard/archive/main.zip#ldap-injection-anti-pattern Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.