Which programming languages does this skill support?

This skill supports JavaScript, TypeScript, Python, Go, Java, Ruby, and PHP.

How do I execute these security scans?

The skill provides both regex patterns for IDE searches and shell-ready grep commands for rapid terminal-based auditing.

What types of vulnerabilities can it detect?

It identifies critical issues including SQL injection, cross-site scripting (XSS), command injection, unsafe deserialization, weak cryptography, and prototype pollution.

Are the detection patterns based on industry standards?

Yes, the patterns are mapped to OWASP ASVS (Application Security Verification Standard) and CWE (Common Weakness Enumeration) identifiers.

Does this skill provide remediation steps?

This specific skill is focused on detection. For remediation, you should use the remediation-specific skills like 'remediation-injection' or 'remediation-crypto'.

Language-Specific Security Vulnerability Patterns

Name: Language-Specific Security Vulnerability Patterns
Author: Zate

byZate

보안 및 테스팅

Identifies language-specific security vulnerabilities across major programming stacks using optimized regex and grep patterns.

소개

This Claude Code skill provides a comprehensive library of detection patterns for identifying security vulnerabilities specific to JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. It enables developers and security researchers to perform targeted code audits by surfacing critical issues such as SQL injection, unsafe deserialization, prototype pollution, and weak cryptography through standardized regex searches and ready-to-use grep commands. By mapping patterns to ASVS and CWE standards, it streamlines the identification of high-risk code segments during development and code review.

주요 기능

Contextual severity levels and mapping to ASVS and CWE standards
0 GitHub stars
Support for 6 major languages: JS/TS, Python, Go, Java, Ruby, and PHP
Pre-configured regex patterns and CLI-ready grep commands
Language-targeted scanning guidance for tech-stack specific audits
Detection of critical vulnerabilities like SQLi, XSS, and Command Injection

사용 사례

Identifying common vulnerabilities during manual code reviews
Performing targeted security audits on specific tech stacks
Bootstrapping automated auditor agents with domain-specific patterns

소개

주요 기능

Contextual severity levels and mapping to ASVS and CWE standards
0 GitHub stars
Support for 6 major languages: JS/TS, Python, Go, Java, Ruby, and PHP
Pre-configured regex patterns and CLI-ready grep commands
Language-targeted scanning guidance for tech-stack specific audits
Detection of critical vulnerabilities like SQLi, XSS, and Command Injection

사용 사례

Identifying common vulnerabilities during manual code reviews
Performing targeted security audits on specific tech stacks
Bootstrapping automated auditor agents with domain-specific patterns