orbit-ajax-fuzzer

Community

Fuzz-test WordPress AJAX endpoints for security vulnerabilities.

Authoradityaarsharma
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill identifies and tests security vulnerabilities in WordPress plugin AJAX endpoints, ensuring that wp_ajax_* and wp_ajax_nopriv_* actions are secure against common threats.

Core Features & Use Cases

  • AJAX Endpoint Scanning: Discovers all AJAX actions in a plugin.
  • Fuzz Testing: Simulates attacks on admin-ajax.php endpoints with malformed payloads and missing nonces.
  • Use Case: After adding new AJAX handlers to a plugin, use this Skill to ensure they are secure against common security issues.

Quick Start

Run the orbit-ajax-fuzzer on your plugin with the following command:

PLUGIN_SLUG=my-plugin \
WP_TEST_URL=http://localhost:8881 \
  bash ~/Claude/orbit/scripts/ajax-fuzz.sh

Dependency Matrix

Required Modules

None required

Components

scripts

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: orbit-ajax-fuzzer
Download link: https://github.com/adityaarsharma/orbit/archive/main.zip#orbit-ajax-fuzzer

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 620,000+ vetted skills library on demand.