Logo
Agent Skills Guide

injection-testing

published 2026/01/21

Validate miscellaneous injection vulnerabilities NOT covered by dedicated skills. Covers SSTI, LDAP, XPath, XQuery, CRLF/HTTP Header, Email Header, GraphQL, Expression Language (EL/OGNL), JSON/JavaScript eval injection, ORM/HQL, CSV/Formula, Regex (ReDoS), YAML config, and Shellshock-style injection. Use when testing CWE-1336 (SSTI), CWE-90 (LDAP), CWE-643 (XPath), CWE-652 (XQuery), CWE-93/CWE-113 (CRLF/Header), CWE-917 (EL), CWE-94/CWE-95 (Code/Eval injection), CWE-1333 (ReDoS), CWE-1236 (CSV/Formula), and related injection classes.

📦 Install Skill

Command line install

Install directly with the `skills` CLI.

npx skills add anshumanbh/securevibes/packages/core/securevibes/skills/dast/injection-testing

Local download

Download only this skill directory.

Download injection-testing only
File Explorer
0 files
No file selected
readonly

Select a file to view its content