deserialization-review
OfficialAudit deserialization for safety and resilience.
AuthorPandaala
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Prevent security and reliability failures caused by unsafe deserialization of untrusted data by providing a structured review checklist and decision notes.
Core Features & Use Cases
- Threat-model-driven review for deserialization boundaries in admin API bodies, Kubernetes CRD
spec, gRPC config streams, and DSL bytecode loading. - Concrete safety checks covering framing-level size limits, recursion depth risk, error-path non-panicking requirements, and serde flatten/unknown-field behavior.
- Targeted guidance for regex-backed payloads to mitigate ReDoS and pathological recompilation during
Deserialize-time construction.
Quick Start
Review a suspected JSON/YAML/protobuf/binary deserialization call by mapping it to the correct trust-boundary bucket, then applying the size-limit, recursion-depth, unknown-field, error-handling, and regex recompilation checks from this skill.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: deserialization-review Download link: https://github.com/Pandaala/Edgion/archive/main.zip#deserialization-review Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.