Which programming languages does this skill support?

This skill supports JavaScript, TypeScript, Python, Go, Java, Ruby, and PHP.

How do I execute these security scans?

The skill provides both regex patterns for IDE searches and shell-ready grep commands for rapid terminal-based auditing.

What types of vulnerabilities can it detect?

It identifies critical issues including SQL injection, cross-site scripting (XSS), command injection, unsafe deserialization, weak cryptography, and prototype pollution.

Are the detection patterns based on industry standards?

Yes, the patterns are mapped to OWASP ASVS (Application Security Verification Standard) and CWE (Common Weakness Enumeration) identifiers.

Does this skill provide remediation steps?

This specific skill is focused on detection. For remediation, you should use the remediation-specific skills like 'remediation-injection' or 'remediation-crypto'.

Language-Specific Security Vulnerability Patterns

Name: Language-Specific Security Vulnerability Patterns
Author: Zate

byZate

0•

Security & Testing

Identifies language-specific security vulnerabilities across major programming stacks using optimized regex and grep patterns.

This Claude Code skill provides a comprehensive library of detection patterns for identifying security vulnerabilities specific to JavaScript/TypeScript, Python, Go, Java, Ruby, and PHP. It enables developers and security researchers to perform targeted code audits by surfacing critical issues such as SQL injection, unsafe deserialization, prototype pollution, and weak cryptography through standardized regex searches and ready-to-use grep commands. By mapping patterns to ASVS and CWE standards, it streamlines the identification of high-risk code segments during development and code review.

Key Features

01Contextual severity levels and mapping to ASVS and CWE standards

020 GitHub stars

03Support for 6 major languages: JS/TS, Python, Go, Java, Ruby, and PHP

04Pre-configured regex patterns and CLI-ready grep commands

05Language-targeted scanning guidance for tech-stack specific audits

06Detection of critical vulnerabilities like SQLi, XSS, and Command Injection

Use Cases

01Identifying common vulnerabilities during manual code reviews

02Performing targeted security audits on specific tech stacks

03Bootstrapping automated auditor agents with domain-specific patterns

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zate/cc-plugins vuln-patterns-languages

For use in Claude.ai and ChatGPT

Download Skill