xxe-prevention
OfficialSecure XML parsing against XXE attacks.
Authorlatestaiagents
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill prevents XML External Entity (XXE) attacks, a critical vulnerability that can lead to data breaches, server-side request forgery, and denial-of-service conditions when processing XML input.
Core Features & Use Cases
- Secure XML Parsing: Configures XML parsers to disable dangerous features like DTDs and external entities.
- Vulnerability Mitigation: Protects against attacks exploiting XML parsers in various languages (Node.js, Python, Java, PHP, .NET).
- SVG and Office Document Security: Provides guidance on sanitizing SVG uploads and validating Office documents (DOCX, XLSX) which contain XML.
- Use Case: When your application accepts user-uploaded XML files or processes data from external XML sources, use this skill to ensure the parser is configured securely, preventing attackers from reading local files or accessing internal network resources.
Quick Start
Use the xxe-prevention skill to secure your XML parsing logic in Node.js by disabling external entities.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: xxe-prevention Download link: https://github.com/latestaiagents/agent-skills/archive/main.zip#xxe-prevention Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.