Can this skill bypass WAFs during testing?

The skill utilizes advanced detection techniques including WAF bypass testing to ensure that security measures are truly effective and not easily circumvented.

How do I trigger an XSS scan with Claude Code?

You can trigger a scan by asking Claude to 'check for XSS', 'scan for vulnerabilities', or by using the '/xss' command.

Does it provide remediation advice for found issues?

Yes, the skill generates a report highlighting the vulnerability location and suggests specific fixes like using sanitization libraries or proper escaping functions.

Is it safe to use these payloads on my application?

The skill suggests safe proof-of-concept payloads designed for identification purposes rather than malicious exploitation.

What types of XSS can this skill detect?

It identifies reflected, stored, and DOM-based XSS vulnerabilities across HTML, JavaScript, CSS, and URL contexts.

XSS Vulnerability Scanner

Name: XSS Vulnerability Scanner
Author: intent-solutions-io

byintent-solutions-io

Seguridad y Pruebas

Detects and mitigates cross-site scripting (XSS) vulnerabilities across HTML, JavaScript, and CSS contexts to secure web applications.

Acerca de

This skill empowers Claude to proactively identify and report XSS vulnerabilities within codebases by leveraging context-aware analysis and WAF bypass testing. It automatically scans for reflected, stored, and DOM-based XSS risks, providing detailed insights into vulnerability types and offering actionable remediation strategies like proper sanitization and Content Security Policy (CSP) implementation. It is an essential tool for developers performing security audits or pre-production code reviews to ensure web applications remain resilient against common injection attacks.

Características Principales

0 GitHub stars
Identifies reflected, stored, and DOM-based XSS vulnerabilities
Offers detailed remediation guidance and sanitization best practices
Analyzes HTML, JavaScript, CSS, and URL contexts for potential exploits
Supports rapid execution via the '/xss' shortcut command
Provides safe proof-of-concept payloads for vulnerability verification

Casos de Uso

Testing the effectiveness and robustness of a Content Security Policy (CSP)
Performing automated security audits of web application source code
Reviewing search functionality and input forms for unsanitized data handling

Acerca de

Características Principales

0 GitHub stars
Identifies reflected, stored, and DOM-based XSS vulnerabilities
Offers detailed remediation guidance and sanitization best practices
Analyzes HTML, JavaScript, CSS, and URL contexts for potential exploits
Supports rapid execution via the '/xss' shortcut command
Provides safe proof-of-concept payloads for vulnerability verification

Casos de Uso

Testing the effectiveness and robustness of a Content Security Policy (CSP)
Performing automated security audits of web application source code
Reviewing search functionality and input forms for unsanitized data handling