From find-cve-agent
Detects path traversal and Zip Slip vulnerabilities in JS/TS/Python/Go where user-controlled paths escape directories. Audit file uploads, archive extractions, static servers.
npx claudepluginhub byamb4/find-cve-agentThis skill uses the workspace's default tool permissions.
Audit archive extraction libraries, file upload handlers, static file servers, file path utilities, and any package that writes files based on user-controlled names.
Audits Python code for path traversal (CWE-22/23) in file operations (os.path.join, pathlib), uploads/downloads, archive extraction (tarfile, zipfile), and file inclusion.
Detects path traversal vulnerabilities in PHP code including directory traversal, LFI/RFI, file uploads, symlink attacks, zip slip, and null byte injection.
Detects path traversal vulnerabilities in file operations using user-supplied paths. Enforces canonicalization, symlink resolution, and root containment checks before read/write/delete.
Share bugs, ideas, or general feedback.
Audit archive extraction libraries, file upload handlers, static file servers, file path utilities, and any package that writes files based on user-controlled names.
~85% CVE acceptance rate when confirmed.
path.join() does NOT prevent .. traversal in Node.js:
path.join('/uploads', '../../../etc/passwd')
// Returns: '/etc/passwd' -- NOT '/uploads/etc/passwd'
path.resolve() returns an absolute path but also does NOT validate that it stays within a base directory.
User controls a filename/path parameter that is concatenated with a base directory:
const filePath = path.join(uploadDir, req.params.filename);
fs.readFileSync(filePath); // ../../../etc/passwd
Malicious archive entries contain ../ in their filenames. During extraction, files are written outside the intended directory:
malicious.zip contains:
../../../../tmp/pwned.txt
Archive contains a symlink pointing outside the target directory, then a file targeting that symlink. During extraction, the file follows the symlink and writes to an arbitrary location.
On Windows or with naive path checks, ..\ bypasses ../ filtering:
filename = "..\\..\\..\\etc\\passwd"
%2e%2e%2f = ../
%2e%2e/ = ../
..%2f = ../
Double encoding: %252e%252e%252f
../../etc/passwd%00.png
Older systems truncate at null byte. Rare in modern runtimes.
# JavaScript/TypeScript
grep -rn "fs\.writeFile\|fs\.createWriteStream\|fs\.rename\|fs\.copyFile" .
grep -rn "fs\.readFile\|fs\.readFileSync\|fs\.createReadStream" .
grep -rn "path\.join\|path\.resolve" .
# Python
grep -rn "open(.*w\|shutil\.copy\|shutil\.move\|os\.rename" .
grep -rn "extractall\|extract(" .
# Go
grep -rn "os\.Create\|os\.OpenFile\|io\.Copy\|filepath\.Join" .
grep -rn "archive/zip\|archive/tar" .
grep -rn "unzip\|extract\|decompress\|gunzip\|untar" .
grep -rn "adm-zip\|yauzl\|unzipper\|archiver\|tar\|fflate\|JSZip\|node-7z" .
grep -rn "zipfile\|tarfile\|py7zr\|patool" .
grep -rn "startsWith\|indexOf\|includes\|realpath\|normalize" .
grep -rn "\.\." . --include="*.js" | grep -i "reject\|deny\|block\|filter"
Common INCORRECT validations:
path.join(base, input) -- does NOT prevent traversalinput.indexOf('..') === -1 -- can be bypassed with ....// or encodinginput.replace('../', '') -- bypassed with ....// (after removal, ../ remains)CORRECT validations:
path.resolve(base, input) then result.startsWith(base + path.sep) -- verifies result is within basefs.realpathSync() to resolve symlinks before checking