PHP Path Traversal Security Checker

This skill empowers Claude to perform specialized security audits on PHP codebases, specifically targeting OWASP A01:2021 Path Traversal vulnerabilities. It identifies critical security flaws including Local/Remote File Inclusion (LFI/RFI), insecure file uploads, and Zip Slip vulnerabilities during archive extraction. Beyond just detection, the skill provides automated grep patterns for rapid scanning and offers production-ready remediation patterns—such as realpath() validation, whitelisting, and ID-based file access—to ensure your application's file system remains secure.

주요 기능

사용 사례