security-review-owasp-server-side-request-forgery-prevention

Community

Catch SSRF before it reaches internal systems

Authorsjinks
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill helps reviewers find server-side request forgery weaknesses in outbound request flows before attackers can reach internal services, metadata endpoints, or unintended external targets.

Core Features & Use Cases

  • Reviews webhook senders, callback handlers, URL fetchers, and integration flows where user input affects destination selection.
  • Checks URL parsing, allowlist or blocklist logic, DNS resolution, redirect handling, protocol restrictions, and network-layer protections.
  • Useful when auditing code, configuration, architecture, or operational controls for SSRF exposure and bypasses.

Quick Start

Use the SSRF prevention skill to review the outbound request flow in this repository and report any paths that could reach private networks or cloud metadata services.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: security-review-owasp-server-side-request-forgery-prevention
Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-server-side-request-forgery-prevention

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.