Does it fix the code automatically?

The skill identifies and reports the vulnerabilities; you can then prompt Claude to use its editing tools to apply the recommended sanitization or parameterization fixes.

When should I use the Input Validation Scanner?

Use it during security audits, code reviews, or whenever you are implementing new features that process external user data or API inputs.

Can it scan entire directories?

Yes, it leverages tools like Grep and Glob to analyze entire modules or specific directories to find systemic input handling flaws.

What types of vulnerabilities can this skill detect?

It primarily identifies input validation issues including SQL injection, cross-site scripting (XSS), and command injection risks by analyzing unsanitized data flows.

Input Validation Scanner

Name: Input Validation Scanner
Author: intent-solutions-io

byintent-solutions-io

보안 및 테스팅

Scans source code to detect and mitigate input validation vulnerabilities like SQL injection and XSS.

소개

This skill empowers Claude to proactively identify security flaws by analyzing how user-supplied data is handled within a codebase. By scanning for missing sanitization and insufficient validation, it helps developers prevent common exploits such as Cross-Site Scripting (XSS), SQL injection, and command injection during code reviews or security audits. It leverages automated analysis to pinpoint the exact location of risks, ensuring applications are hardened against modern web threats.

주요 기능

Automated vulnerability detection for user-supplied data
SQL injection risk assessment and identification
0 GitHub stars
Detailed security report generation with code locations
Cross-Site Scripting (XSS) sanitization analysis
Command injection vulnerability scanning

사용 사례

Reviewing new pull requests for proper input handling practices
Hardening web applications against common OWASP Top 10 exploits
Auditing legacy codebases for hidden security vulnerabilities

소개

주요 기능

Automated vulnerability detection for user-supplied data
SQL injection risk assessment and identification
0 GitHub stars
Detailed security report generation with code locations
Cross-Site Scripting (XSS) sanitization analysis
Command injection vulnerability scanning

사용 사례

Reviewing new pull requests for proper input handling practices
Hardening web applications against common OWASP Top 10 exploits
Auditing legacy codebases for hidden security vulnerabilities