What is a path traversal vulnerability?

Path traversal, or directory traversal, is a security flaw that allows an attacker to read or write files on the server outside of the intended application directory by using special characters like '../'.

Can I use this for automated security reviews?

Absolutely. It is designed to be triggered during development or audit phases to catch security fundamentals issues before they reach production.

How does the Path Traversal Finder skill work?

The skill uses Claude's analytical capabilities alongside tools like Grep and Bash to scan your codebase for patterns where user input is unsafely concatenated into file paths.

Does this skill provide code fixes?

Yes, it generates production-ready code snippets and configuration updates to implement proper input validation and path normalization.

Path Traversal Finder

Name: Path Traversal Finder
Author: jeremylongshore

byjeremylongshore

•

983

•

Security & Testing

Identifies and mitigates directory traversal vulnerabilities by scanning source code for insecure file handling patterns.

Path Traversal Finder is a specialized Claude Code skill designed to automate the detection and remediation of path traversal vulnerabilities. By leveraging advanced pattern matching and security best practices, it helps developers secure file system interactions, validate user-provided paths, and implement robust input sanitization. As part of the Security Fundamentals suite, this skill provides actionable guidance to prevent unauthorized file access and ensure compliance with industry-standard secure coding practices.

Key Features

01Deep codebase analysis using integrated Grep and Bash tools

02Identification of insecure file system APIs and input handling

03Automated scanning for path traversal patterns and dot-dot-slash vulnerabilities

04Step-by-step remediation guidance based on OWASP standards

05Generation of production-ready sanitization and validation code

06983 GitHub stars

Use Cases

01Refactoring legacy code to implement secure path validation logic

02Auditing file upload and download modules for security weaknesses

03Training developers on identifying and fixing directory traversal exploits

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills path-traversal-finder

For use in Claude.ai and ChatGPT

Download Skill