vuln-patterns-injection
CommunityDetect injection vulnerabilities in Python.
Software Engineering#security#vulnerability#sql injection#python#injection#code audit#command injection
Authoryhy0
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps identify and prevent injection vulnerabilities in Python code, such as command injection, SQL injection, and code injection, which can lead to unauthorized access or data breaches.
Core Features & Use Cases
- Source Identification: Detects user input from various sources like HTTP requests, LLM outputs, and configuration files.
- Sink Analysis: Analyzes dangerous functions like
eval(),exec(),subprocesswithshell=True, and SQL execution functions. - Sanitization Validation: Checks for proper security measures like parameterized queries and input validation.
- Use Case: When auditing a web application, use this Skill to automatically scan for instances where user-provided data might be used in constructing SQL queries or system commands, flagging potential SQL injection or command injection flaws.
Quick Start
Use the vuln-patterns-injection skill to audit the provided Python script for potential injection vulnerabilities.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: vuln-patterns-injection Download link: https://github.com/yhy0/ghsa-skill-builder/archive/main.zip#vuln-patterns-injection Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.