PHP XXE Security Scanner

This skill empowers Claude to perform deep security audits of PHP codebases, specifically targeting XXE vulnerabilities as defined in OWASP A03:2021. It scans for insecure configurations in SimpleXML, DOMDocument, and XMLReader, identifies risky XSLT and SOAP implementations, and detects unsafe SVG handling. By providing both detection patterns and secure remediation strategies, it helps developers harden their XML processing logic and prevent sensitive file disclosure or Server-Side Request Forgery (SSRF) attacks.

Key Features

Use Cases