security-review-owasp-dom-clobbering-prevention
CommunityCatch DOM clobbering before it ships
Software Engineering#owasp#javascript#security review#dom clobbering#html sanitization#browser globals#named property
Authorsjinks
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps reviewers find DOM clobbering risks where user-controlled HTML, named-property collisions, or unsafe global property reads can alter browser behavior and undermine security decisions.
Core Features & Use Cases
- Sanitization Review: Checks whether injected HTML is properly sanitized, including protection against dangerous
idandnameattributes. - Global Access Review: Flags unsafe reads from
window,document, or implicit globals that may be clobberable by attacker-controlled markup. - Review Discipline: Separates confirmed weaknesses from gaps in evidence and produces findings with concrete code-path or behavior references.
- Use Case: Review a rich-text rendering flow, a client-side router, or a callback lookup path to see whether DOM naming collisions can influence security-critical logic.
Quick Start
Ask the skill to review the target files or flow for DOM clobbering prevention weaknesses and return evidence-based findings, gaps, and passed checks.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-review-owasp-dom-clobbering-prevention Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-dom-clobbering-prevention Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 537,000+ vetted skills library on demand.