injection-checking
Entry P1 category router for injection testing. Use when routing between XSS, SQLi, SSRF, XXE, SSTI, command injection, and NoSQL injection workflows based on how attacker-controlled input is consumed.
How do I install this agent skill?
npx skills add https://github.com/yaklang/hack-skills --skill injection-checkingIs this agent skill safe to install?
- Gen Agent Trust Hubpass
This skill is a technical reference guide for identifying and testing various injection-related security vulnerabilities. It provides instructional payloads and methodologies for assessing SSI, LDAP, XPath, and LaTeX injections, as well as encoding-based bypasses. The content is educational and intended for security auditing purposes.
- Socketwarn
1 alert: gptSecurity
- Snykfail
Risk: CRITICAL · 1 issue
- ZeroLeakspass
Score: 93/100 · 2 sections analyzed
What does this agent skill do?
Injection Testing Router
This is the routing entry point when input reaches a dangerous interpreter or execution environment.
After confirming this is an injection-class issue, use it to decide whether it is mainly browser context, database, template engine, server-side requests, XML parsing, or system commands.
When to Use
- Input reaches HTML, JS, SQL, templates, URL fetchers, XML parsers, or shell
- You have not yet decided whether to start with XSS, SQLi, SSRF, XXE, SSTI, CMDi, or NoSQL
- You need to choose the correct deep-topic skill based on input flow
Skill Map
- XSS Cross Site Scripting
- SQLi SQL Injection
- SSRF Server Side Request Forgery
- XXE XML External Entity
- SSTI Server Side Template Injection
- CMDi Command Injection
- NoSQL Injection
- Deserialization Insecure
- JNDI Injection
- Expression Language Injection
- CRLF Injection
- Extra Injection Types (SSI, LDAP, XPath)
- Request Smuggling
- Prototype Pollution
- Type Juggling
- HTTP Parameter Pollution
- XSLT Injection
- CSV Formula Injection
Recommended Flow
- First identify the final sink of the input
- Then choose the topic skill that best matches that interpreter
- Small payload samples and quick triage are merged into each main skill; no extra payload router is needed
Related Categories
How can the creator link this skill?
Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.
<a href="https://skillzs.dev/skills/yaklang/hack-skills/injection-checking">View injection-checking on skillZs</a>