security-review-owasp-dom-clobbering-prevention

Community

Catch DOM clobbering before it ships

Authorsjinks
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps reviewers find DOM clobbering risks where user-controlled HTML, named-property collisions, or unsafe global property reads can alter browser behavior and undermine security decisions.

Core Features & Use Cases

  • Sanitization Review: Checks whether injected HTML is properly sanitized, including protection against dangerous id and name attributes.
  • Global Access Review: Flags unsafe reads from window, document, or implicit globals that may be clobberable by attacker-controlled markup.
  • Review Discipline: Separates confirmed weaknesses from gaps in evidence and produces findings with concrete code-path or behavior references.
  • Use Case: Review a rich-text rendering flow, a client-side router, or a callback lookup path to see whether DOM naming collisions can influence security-critical logic.

Quick Start

Ask the skill to review the target files or flow for DOM clobbering prevention weaknesses and return evidence-based findings, gaps, and passed checks.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-review-owasp-dom-clobbering-prevention
Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-dom-clobbering-prevention

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 537,000+ vetted skills library on demand.