curl -L -o security-fix-advisor.skill "https://aiskillstore.io/v1/agent/skills/527bcfb0-d31f-4bc3-b7c9-30152cedad93/download?platform=ClaudeCode"
{
"tool": "download_skill",
"arguments": {
"skill_id": "527bcfb0-d31f-4bc3-b7c9-30152cedad93",
"platform": "ClaudeCode"
}
}
{
"mcpServers": {
"skill-store": {
"url": "https://aiskillstore.io/mcp/"
}
}
}
Given a vulnerability type (SQL Injection, XSS, SSRF, etc.), returns OWASP/CWE-based fix patterns, safe code alternatives, and a validation checklist — no external dependencies.
Compatible Platforms any
✅ No security risks found.
AI Review Stage
스킬 메타데이터에 따르면 'security-fix-advisor'는 외부 의존성이 없으며, 네트워크, 파일 시스템, 서브프로세스 접근 권한이 모두 'false'로 명시되어 있습니다. 제공된 코드(main.py 및 lib/vulnerability_db.py)를 분석한 결과, 이러한 선언된 권한을 위반하는 어떠한 코드(예: `subprocess`, `socket`, `requests` 모듈 사용, 임의 파일 읽기/쓰기 등)도 발견되지 않았습니다. `os.path` 관련 함수는 스킬 자체의 `lib` 디렉토리를 로드하기 위한 내부적인 용도로 사용되며, 이는 일반적인 파일 시스템 접근으로 간주되지 않습니다. `vulnerability_db.py`는 정적 데이터를 담고 있으며, `main.py`는 이 데이터를 기반으로 사용자 입력에 대한 정보를 조회하고 표준 입출력을 통해 응답하는 방식으로 동작합니다. 정적 분석 결과 또한 'approved' 상태이며, 어떠한 위험 요소나 난독화도 발견되지 않았습니다. 따라서 이 스킬은 안전하며, 명시된 목적에 부합하게 동작합니다.
Representative input/output examples for this skill. Agents can use these to understand how to invoke the skill and what output to expect.
Get parameterized query and ORM fix patterns for SQL injection in Python.
{
"language": "python",
"output_language": "en",
"vulnerability_type": "sql_injection"
}
{
"cwe_id": "CWE-89",
"fix_patterns": [
{
"anti_pattern": "Building SQL strings by concatenating or interpolating user input",
"code_example": "Use the DB-API parameterized execute() method with a bound parameter tuple",
"description": "Use DB-API 2.0 parameterized queries \u2014 pass user input as a separate tuple, never via string interpolation.",
"name": "Parameterized Query (DB-API)",
"safety_level": "primary"
},
{
"anti_pattern": "Calling ORM raw execute with an f-string containing user input",
"code_example": "Use ORM filter_by() or equivalent to let the ORM generate parameterized SQL",
"description": "Use an ORM (e.g., SQLAlchemy, Django ORM) which builds parameterized queries automatically.",
"name": "ORM Query Builder",
"safety_level": "primary"
}
],
"language": "python",
"owasp_category": "A03:2021-Injection",
"references": [
{
"title": "OWASP SQL Injection Prevention Cheat Sheet",
"url": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html"
},
{
"title": "CWE-89: SQL Injection",
"url": "https://cwe.mitre.org/data/definitions/89.html"
}
],
"severity": "high",
"summary": "SQL Injection allows attackers to manipulate database queries by injecting malicious SQL through user-supplied input.",
"validation_checklist": [
"All user-controlled values are passed via parameterized query API, not string building",
"No string concatenation or f-string/template-literal interpolation in SQL strings",
"ORM raw() / text() / literal() calls are audited \u2014 ensure they use bound parameters",
"Column/table name injection via dynamic identifiers is guarded by an allowlist",
"Error messages do not expose SQL query structure to the client"
],
"vulnerability_type": "sql_injection"
}
Get DOM sanitization and Content Security Policy fix patterns for XSS in JavaScript.
{
"language": "javascript",
"output_language": "en",
"vulnerability_type": "xss"
}
{
"cwe_id": "CWE-79",
"fix_patterns": [
{
"anti_pattern": "Assigning raw user input directly to element.innerHTML",
"code_example": "Call DOMPurify.sanitize(userInput) and assign the result to innerHTML",
"description": "Sanitize all HTML from untrusted sources with DOMPurify before inserting into the DOM.",
"name": "DOMPurify HTML Sanitization",
"safety_level": "primary"
},
{
"code_example": "Set Content-Security-Policy response header with default-src \u0027self\u0027 and nonce-based script-src",
"description": "Set a strict CSP header to limit script execution sources. Use nonces for inline scripts.",
"name": "Content Security Policy (CSP) Header",
"safety_level": "primary"
}
],
"language": "javascript",
"owasp_category": "A03:2021-Injection",
"references": [
{
"title": "OWASP XSS Prevention Cheat Sheet",
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html"
},
{
"title": "CWE-79: XSS",
"url": "https://cwe.mitre.org/data/definitions/79.html"
}
],
"severity": "high",
"summary": "Cross-Site Scripting (XSS) allows attackers to inject malicious scripts into web pages viewed by other users.",
"validation_checklist": [
"All user input rendered in HTML is escaped or sanitized",
"innerHTML / dangerouslySetInnerHTML usage is audited \u2014 only sanitized content allowed",
"Content Security Policy header is set and tested",
"Template engine auto-escaping is enabled (never globally disabled)",
"HttpOnly and Secure flags set on session cookies"
],
"vulnerability_type": "xss"
}
Get URL allowlist and private IP blocking patterns for SSRF in Python.
{
"language": "python",
"output_language": "en",
"vulnerability_type": "ssrf"
}
{
"cwe_id": "CWE-918",
"fix_patterns": [
{
"anti_pattern": "Passing user-supplied URL directly to an HTTP client without hostname validation",
"code_example": "Parse URL with urlparse(), check hostname against ALLOWED_HOSTS set before fetching",
"description": "Parse the URL and check it against a strict allowlist of permitted domains/prefixes before making the request.",
"name": "URL Allowlist Validation",
"safety_level": "primary"
},
{
"code_example": "Resolve hostname with socket.gethostbyname(), check ipaddress.ip_address(ip).is_private is False",
"description": "Resolve the hostname and verify the resulting IP is not in private/loopback/link-local ranges before connecting.",
"name": "Block Private/Loopback Ranges",
"safety_level": "primary"
}
],
"language": "python",
"owasp_category": "A10:2021-Server-Side Request Forgery",
"references": [
{
"title": "OWASP SSRF Prevention Cheat Sheet",
"url": "https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html"
}
],
"severity": "high",
"summary": "Server-Side Request Forgery (SSRF) allows attackers to make the server issue requests to internal or arbitrary external systems.",
"validation_checklist": [
"All user-supplied URLs are validated against an explicit domain allowlist before use",
"Resolved IPs are checked against private (RFC 1918), loopback, and link-local ranges",
"HTTP redirects are disabled or the redirect target is re-validated",
"DNS rebinding is mitigated by re-checking IP after each redirect",
"Internal metadata endpoints (e.g., 169.254.169.254) are blocked at firewall level"
],
"vulnerability_type": "ssrf"
}
Get shell=False subprocess patterns for command injection prevention across any language.
{
"language": "generic",
"output_language": "en",
"vulnerability_type": "command_injection"
}
{
"cwe_id": "CWE-78",
"fix_patterns": [
{
"anti_pattern": "Using shell=True or shell-string invocation with a concatenated command string containing user input",
"code_example": "Use run_command([\u0027tool\u0027, arg1, arg2], shell=False) \u2014 pass args as list, never concatenate into shell string",
"description": "Always invoke system commands with an argument list (array), never by building a shell string. Disable shell interpretation.",
"name": "Pass Arguments as List, Disable Shell",
"safety_level": "primary"
}
],
"language": "generic",
"owasp_category": "A03:2021-Injection",
"references": [
{
"title": "OWASP Command Injection",
"url": "https://owasp.org/www-community/attacks/Command_Injection"
}
],
"severity": "critical",
"summary": "Command Injection allows attackers to execute arbitrary OS commands by injecting shell metacharacters into user input passed to system calls.",
"validation_checklist": [
"All subprocess/exec calls use argument list form, not shell string concatenation",
"shell=True / shell-string invocation is absent from the codebase",
"User input is never interpolated into shell command strings"
],
"vulnerability_type": "command_injection"
}
Get canonical path validation fix pattern for path traversal in Java.
{
"language": "java",
"output_language": "en",
"vulnerability_type": "path_traversal"
}
{
"cwe_id": "CWE-22",
"fix_patterns": [
{
"anti_pattern": "Opening a file at join(baseDir, userFile) without canonical path resolution",
"code_example": "Resolve File(baseDir, userFile).getCanonicalPath() and assert it starts with baseDirCanon + File.separator",
"description": "Resolve canonical path and verify it starts with the safe base directory.",
"name": "File.getCanonicalPath() Prefix Check",
"safety_level": "primary"
}
],
"language": "java",
"owasp_category": "A01:2021-Broken Access Control",
"references": [
{
"title": "OWASP Path Traversal",
"url": "https://owasp.org/www-community/attacks/Path_Traversal"
}
],
"severity": "high",
"summary": "Path Traversal allows attackers to access files outside the intended directory by using sequences like \u0027../\u0027 in filenames.",
"validation_checklist": [
"User-supplied file names are canonicalized before any file operation",
"Canonical path is checked to be under the intended base directory",
"Symlink traversal is considered (use OS-level real path resolution)",
"Null bytes in filenames are rejected",
"Directory listing is disabled for web-accessible directories"
],
"vulnerability_type": "path_traversal"
}
SQL Injection fix guide with Korean validation checklist and summary.
{
"language": "python",
"output_language": "ko",
"vulnerability_type": "sql_injection"
}
{
"cwe_id": "CWE-89",
"fix_patterns": [
{
"code_example": "DB-API parameterized execute() \uba54\uc11c\ub4dc\uc5d0 \ubc14\uc778\ub4dc \ud30c\ub77c\ubbf8\ud130 \ud29c\ud50c\uc744 \uc804\ub2ec\ud558\uc138\uc694",
"description": "Use DB-API 2.0 parameterized queries \u2014 pass user input as a separate tuple, never via string interpolation.",
"name": "Parameterized Query (DB-API)",
"safety_level": "primary"
}
],
"language": "python",
"owasp_category": "A03:2021-Injection",
"references": [
{
"title": "OWASP SQL Injection Prevention Cheat Sheet",
"url": "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html"
}
],
"severity": "high",
"summary": "SQL Injection\uc740 \uc0ac\uc6a9\uc790 \uc785\ub825\uc744 \ud1b5\ud574 \uc545\uc758\uc801\uc778 SQL\uc744 \uc8fc\uc785\ud574 \ub370\uc774\ud130\ubca0\uc774\uc2a4 \ucffc\ub9ac\ub97c \uc870\uc791\ud558\ub294 \ucde8\uc57d\uc810\uc785\ub2c8\ub2e4.",
"validation_checklist": [
"\ubaa8\ub4e0 \uc0ac\uc6a9\uc790 \uc785\ub825\uc774 \ubb38\uc790\uc5f4 \uacb0\ud569\uc774 \uc544\ub2cc \ud30c\ub77c\ubbf8\ud130\ud654\ub41c \ucffc\ub9ac API\ub85c \uc804\ub2ec\ub428",
"SQL \ubb38\uc790\uc5f4 \ub0b4 f-string / \ud15c\ud50c\ub9bf \ub9ac\ud130\ub7f4 \ubcf4\uac04 \uc5c6\uc74c",
"ORM\uc758 raw() / text() \ud638\ucd9c\uc5d0 \ubc14\uc778\ub4dc \ud30c\ub77c\ubbf8\ud130 \uc801\uc6a9 \uc5ec\ubd80 \uac10\uc0ac",
"\ub3d9\uc801 \uc2dd\ubcc4\uc790(\uceec\ub7fc\u00b7\ud14c\uc774\ube14\uba85)\ub294 allowlist\ub85c \uac80\uc99d",
"\uc5d0\ub7ec \uba54\uc2dc\uc9c0\uc5d0 SQL \ucffc\ub9ac \uad6c\uc870 \ub178\ucd9c \uae08\uc9c0"
],
"vulnerability_type": "sql_injection"
}
Supplying an unrecognized vulnerability type returns UNKNOWN_VULN_TYPE error.
{
"language": "c",
"vulnerability_type": "buffer_overflow_heap"
}
{
"error": {
"code": "UNKNOWN_VULN_TYPE",
"message": "Unknown vulnerability type: \u0027buffer_overflow_heap\u0027. Supported types: broken_auth, command_injection, csrf, idor, insecure_deserialization, open_redirect, path_traversal, sensitive_data_exposure, sql_injection, ssrf, weak_crypto, xss",
"status": 400
}
}
All examples are also available via the agent API:
/v1/agent/skills/527bcfb0-d31f-4bc3-b7c9-30152cedad93/schema
No reviews yet. Be the first to leave one!