security-review-owasp-os-command-injection-defense
CommunitySpot OS command injection risks fast
Software Engineering#code review#owasp#security review#command injection#trust boundaries#allowlists
Authorsjinks
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps reviewers identify when untrusted input can reach commands, interpreters, redirect targets, or sensitive state changes in unsafe ways.
Core Features & Use Cases
- Boundary Analysis: Traces how attacker-controlled data moves through validation, normalization, binding, and execution paths.
- Exploit Prioritization: Distinguishes direct command execution risks from weaker formatting, routing, or configuration issues.
- Review Evidence: Anchors findings in visible code, tests, documentation, or behavior instead of speculation.
- Use Case: Apply it when reviewing an authentication flow, webhook handler, admin tool, or deployment script that may pass user input into shell commands or other privileged sinks.
Quick Start
Use the security-review-owasp-os-command-injection-defense skill to review the target files for unsafe input-to-execution paths and report any confirmed command injection weaknesses.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-review-owasp-os-command-injection-defense Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-os-command-injection-defense Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.