Scan for input validation vulnerabilities and injection risks. Use when reviewing user input handling. Trigger with 'scan input validation', 'check injection vulnerabilities', or 'validate sanitization'.
Rating: 5.2
Installs: 0
Category: Security
This skill provides a reasonable framework for input validation scanning with clear use cases and workflow. The description covers core capabilities (XSS, SQL injection detection), and the skill references concrete scanning scripts (CodeQL, Semgrep) that provide task knowledge. However, there are notable inconsistencies: the skill mentions an 'input-validation-scanner plugin' that doesn't appear to exist in the actual implementation (which uses standard tools like CodeQL/Semgrep instead). The structure is somewhat cluttered with generic security scanning content that dilutes the specific input validation focus. Novelty is moderate—while helpful, this essentially wraps existing security scanning tools (CodeQL/Semgrep) that a CLI agent could invoke directly with appropriate prompting, though the pre-configured rulesets do add some value. The skill would benefit from removing references to non-existent plugins, tightening focus on input validation specifically, and clarifying how the scripts integrate with the documented workflow.