XSS Vulnerability Scanner

About

This skill empowers Claude to proactively detect Cross-Site Scripting (XSS) vulnerabilities within your codebase by performing context-aware analysis and WAF bypass testing. Ideal for security audits and pre-deployment reviews, it identifies risky injection points in web components, search functionalities, and form submissions, providing actionable remediation guidance and sanitization strategies to ensure your applications remain resilient against common attack vectors.

Key Features

• Generates safe proof-of-concept payloads for vulnerability verification
• 883 GitHub stars
• Detects reflected, stored, and DOM-based XSS vulnerabilities
• Provides detailed remediation reports with specific sanitization fixes
• Supports shortcut commands like /xss for rapid security audits
• Analyzes code context across HTML, JavaScript, CSS, and URLs

Use Cases

• Conducting automated security audits during the code review process
• Identifying unsanitized user inputs in search bars and comment forms
• Testing the effectiveness of Content Security Policies (CSP) against bypasses