alibaba-dsl
CommunityAuthor Alibaba DSL taint rules for Java/JS.
Authorinvoke1442
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill enables precise authoring and verification of Alibaba DSL taint-analysis rules for Java and JavaScript SAST scanning, unifying rule creation with roster-driven definitions.
Core Features & Use Cases
- Roster-centric workflow: define source/sink/sanitizer semantics in rosters, then compose rules via imports.
- End-to-end verification: bundle rosters, rules, and relation config, then verify with the provided verify.sh script.
- Real-world scenarios: author taint rules to detect common vulnerabilities (SSRF, XSS, SQLi) across Java/JS apps with consistent validation.
Quick Start
Create a new Alibaba DSL Skill unit by placing SKILL.md in a skill folder and wiring a roster + rule with relation config, then run the verify script.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: alibaba-dsl Download link: https://github.com/invoke1442/Playground/archive/main.zip#alibaba-dsl Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.