security-review-owasp-server-side-request-forgery-prevention
CommunityCatch SSRF before it reaches internal systems
Software Engineering#owasp#redirects#ssrf#security-review#code-audit#outbound-requests#dns-validation
Authorsjinks
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps reviewers find server-side request forgery weaknesses in outbound request flows before attackers can reach internal services, metadata endpoints, or unintended external targets.
Core Features & Use Cases
- Reviews webhook senders, callback handlers, URL fetchers, and integration flows where user input affects destination selection.
- Checks URL parsing, allowlist or blocklist logic, DNS resolution, redirect handling, protocol restrictions, and network-layer protections.
- Useful when auditing code, configuration, architecture, or operational controls for SSRF exposure and bypasses.
Quick Start
Use the SSRF prevention skill to review the outbound request flow in this repository and report any paths that could reach private networks or cloud metadata services.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-review-owasp-server-side-request-forgery-prevention Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-server-side-request-forgery-prevention Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.