Can it detect DNS rebinding?

Yes, the skill analyzes code patterns to see if there is a gap between when a URL is validated and when the actual request is made, which could allow for DNS rebinding attacks.

Does this skill work with cloud environments?

Yes, it specifically checks for vulnerabilities involving cloud metadata endpoints (like 169.254.169.254) which are often targeted to steal IAM credentials.

What is the difference between standard and deep analysis?

Standard depth checks URL fetch calls for immediate user input, while deep analysis traces the entire data flow from request parameters through string transformations to the final fetch call.

What is an SSRF vulnerability?

Server-Side Request Forgery (SSRF) occurs when an attacker can influence a server-side application to make unauthorized requests to an internal or external resource, often bypassing firewalls.

Which security scanners does this skill integrate with?

The skill integrates with Semgrep, Bandit (Python), and Gosec (Go) to provide high-confidence automated findings alongside manual code analysis.

SSRF Security Audit

Name: SSRF Security Audit
Author: florianbuetow

byflorianbuetow

•

Security & Testing

Analyzes source code to identify and mitigate Server-Side Request Forgery (SSRF) vulnerabilities and unauthorized internal network access.

The SSRF Security Audit skill provides a specialized security layer for Claude Code, focusing on the OWASP Top 10 A10:2021 category. It automatically scans your codebase for dangerous URL fetching patterns, missing validation of internal IP ranges, and high-risk exposure of cloud metadata endpoints. By leveraging integration with industry-standard scanners like Semgrep and Bandit alongside deep taint analysis, the skill traces data flow from user-controlled inputs to outgoing HTTP requests. This helps developers prevent unauthorized internal scanning, data exfiltration, and credential theft in cloud environments through rigorous validation of URL schemes, IP ranges, and redirect behaviors.

Key Features

01Deep taint analysis tracing data flow from request to HTTP client

026 GitHub stars

03Verification of internal IP range blocking and URL scheme whitelisting

04Cloud metadata endpoint protection for AWS, GCP, and Azure

05Automated detection of user-controlled URL fetching vulnerabilities

06Detection of DNS rebinding and redirect-based bypass patterns

Use Cases

01Auditing webhook handlers and URL preview features for security flaws

02Identifying DNS rebinding vulnerabilities in outbound request logic

03Securing cloud-native applications against metadata service credential theft

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add florianbuetow/claude-code ssrf

For use in Claude.ai and ChatGPT

Download Skill