Skill

code-injection-codegen

Audits packages for code injection vulnerabilities via dynamic code generation/evaluation using new Function(), eval(), vm.run*, or template interpolation in JS/TS, Python, Ruby, PHP.

Javascript

Typescript

npx claudepluginhub byamb4/find-cve-agent

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Audit any package that dynamically generates or evaluates code — schema validators, template engines, expression evaluators, serializers with code generation, JIT compilers, query builders that emit JavaScript.

Supporting Assets

references/false-positive-indicators.mdreferences/poc-skeleton.mdreferences/sinks.md

SKILL.md

Similar Skills

command-injection

Detects OS command injection in JavaScript, TypeScript, Python, Go, Ruby, PHP via shell sinks like exec/system/popen. Traces user input, checks sanitization/argument injection for RCE in CLI wrappers.

3 files

find-cve-agent

vuln-patterns-injection

Audits Python code for injection vulnerabilities including command execution (subprocess, os.system), SQL queries (cursor.execute, sqlalchemy.text), eval/exec calls, and template rendering (Jinja2, Mako SSTI).

1 file

vuln-skills

injection

Detects SQL, command, template, and code injection vulnerabilities from unsanitized user input. Flags patterns like query concatenation or eval, recommends parameterized queries, argument lists, and autoescaping templates.

soundcheck

Stats

Stars18

Forks2

Last CommitMar 20, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Code Injection via Code Generation

When to Use

This is the highest-yield vulnerability class for CVE hunting. ~90% acceptance rate when confirmed.

Key Insight

Code generation packages often interpolate user-controlled values directly into generated code strings. Unlike template injection (where user input goes INTO a template), here user input becomes PART of the generated code itself.

Process

Step 1: Find Code Evaluation Sinks

Search for all dynamic code execution:

# JavaScript/TypeScript
grep -rn "new Function\(" .
grep -rn "eval(" .
grep -rn "vm\.run" .
grep -rn "vm\.compileFunction" .
grep -rn "setTimeout(" . | grep -v "setTimeout(function"
grep -rn "setInterval(" . | grep -v "setInterval(function"
grep -rn "new AsyncFunction" .
grep -rn "script\.runIn" .

# Python
grep -rn "eval(" .
grep -rn "exec(" .
grep -rn "compile(" . | grep -v "re.compile"

# Ruby
grep -rn "\.eval\b" .
grep -rn "instance_eval" .
grep -rn "class_eval" .

# PHP
grep -rn "eval(" .
grep -rn "assert(" .
grep -rn "create_function" .
grep -rn "preg_replace.*\/e" .

Step 2: Trace Data Flow to Sink

For each sink found:

Identify what string is being evaluated
Trace backwards — is any part of that string derived from user input?
Check for template literals: new Function(`return ${userInput}`)
Check for string concatenation: new Function("return " + userInput)
Check for variable interpolation in generated code

Step 3: Check for Block Comment Escape

JSON.stringify does NOT escape */. If generated code wraps values in block comments:

// VULNERABLE PATTERN:
let code = `/* ${JSON.stringify(userValue)} */ actual_code_here`;
// Attacker input: */ malicious_code /*
// Result: /* */ malicious_code /* */ actual_code_here

Search for this pattern:

grep -rn "\/\*.*JSON\.stringify" .
grep -rn "\/\*.*\$\{" .

Step 4: Check for Incomplete Escaping

Common mistakes:

Escaping single quotes but not backticks (template literals)
Escaping backslash but not newlines (line injection)
Using JSON.stringify but not escaping </script> in HTML context
Escaping in the value but not in the key (object property names)

Step 5: Verify Exploitability

Can the attacker control the interpolated value?
Does the generated code get executed (not just constructed)?
What is the execution context? (Node.js process = RCE, browser = XSS)
Is there any sandboxing? (node:vm is NOT security — see sandbox-escape skill)

Vulnerable Patterns

Pattern 1: Template Literal in new Function()

// Schema validator generating validation function
function createValidator(schema) {
  const code = `return function(value) {
    if (typeof value !== "${schema.type}") throw new Error("invalid");
  }`;
  return new Function(code)();
}
// Exploit: schema.type = '"; }); process.mainModule.require("child_process").execSync("id"); //'

Pattern 2: String Concatenation in eval()

// Expression evaluator
function evaluate(expr) {
  return eval("(" + expr + ")");
}

Pattern 3: Code Generation with Object Keys

// Serializer generating accessor code
function createGetter(path) {
  return new Function("obj", `return obj.${path}`);
}
// Exploit: path = "x; process.mainModule.require('child_process').execSync('id'); //"

Pattern 4: Block Comment Escape

// Code generator with "safe" comments
function generateModule(config) {
  return `
    /* Config: ${JSON.stringify(config.name)} */
    module.exports = { value: ${JSON.stringify(config.value)} };
  `;
}
// Exploit: config.name = "*/ require('child_process').execSync('id'); /*"

Pattern 5: sourceURL Injection

// Debug source mapping
const code = `${generatedCode}\n//# sourceURL=${filename}`;
new Function(code)();
// Exploit: filename contains newline + malicious code

CVSS Guidance

Server-side code execution (Node.js): CRITICAL 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
With authentication required: HIGH 8.8 (PR:L)
Client-side only (browser): HIGH 7.5 (XSS equivalent)
Requires specific configuration: reduce AC to H

References

Sinks — Code execution sinks by language
False Positive Indicators — When this isn't a real bug
PoC Skeleton — Proof of concept template