Is this skill suitable for CI/CD workflows?

While it is designed for interactive use within Claude Code, it is highly effective for pre-commit checks and manual code reviews to ensure security compliance.

Which plugin powers the scanning capability?

This skill leverages the input-validation-scanner plugin to perform its deep analysis of source code patterns.

What specific vulnerabilities can this skill detect?

The skill identifies common security risks stemming from improper input handling, including SQL injection, Cross-Site Scripting (XSS), and command injection.

Does this skill provide recommendations for fixing flaws?

Yes, once vulnerabilities are identified, you can ask Claude to suggest best practices for sanitization or to refactor the code to use parameterized queries.

How do I start a security scan with Claude?

You can trigger a scan by asking Claude to 'scan for input validation issues' or 'find potential XSS vulnerabilities' in a specific file or directory.

Input Validation Security Scanner

Name: Input Validation Security Scanner
Author: jeremylongshore

byjeremylongshore

•

884

•

安全与测试

Scans source code for potential security vulnerabilities by identifying unvalidated or unsanitized user input.

This skill empowers Claude to proactively identify critical security flaws such as SQL injection, cross-site scripting (XSS), and command injection by analyzing how user-supplied data flows through your codebase. By leveraging a specialized scanning plugin, it automates the detection of missing sanitization logic and provides detailed reports on vulnerability locations, making it an essential tool for security audits, code reviews, and hardening web applications against common exploits.

主要功能

01884 GitHub stars

02Automated detection of SQL injection and XSS risks

03Streamlined security auditing for legacy and new code

04Support for hardening applications against web-based exploits

05Identification of unsanitized user-supplied data paths

06Detailed reporting of vulnerability locations in source code

使用场景

01Identifying unparameterized queries in database access layers to prevent SQL injection

02Scanning new modules or pull requests for potential cross-site scripting (XSS) flaws

03Auditing an entire codebase for input validation vulnerabilities during a security review

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add jeremylongshore/claude-code-plugins-plus-skills skill-adapter

For use in Claude.ai and ChatGPT

Download Skill