From xss-vulnerability-scanner
Scans codebases for reflected, stored, DOM-based XSS in HTML, JavaScript, CSS, URLs; tests WAF bypass and CSP. Activates on 'scan for XSS' or '/xss'.
How this skill is triggered — by the user, by Claude, or both
Slash command
/xss-vulnerability-scanner:scanning-for-xss-vulnerabilitiesThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Detect reflected, stored, and DOM-based XSS vulnerabilities through context-aware analysis of HTML, JavaScript, CSS, and URL injection points, with WAF bypass testing and CSP evaluation.
Detect reflected, stored, and DOM-based XSS vulnerabilities through context-aware analysis of HTML, JavaScript, CSS, and URL injection points, with WAF bypass testing and CSP evaluation.
This skill empowers Claude to proactively identify and report XSS vulnerabilities within your codebase. By leveraging advanced detection techniques, including context-aware analysis and WAF bypass testing, this skill ensures your web applications are resilient against common XSS attack vectors. It provides detailed insights into vulnerability types and offers guidance on remediation strategies.
This skill activates when you need to:
User request: "scan for XSS vulnerabilities in the search functionality"
The skill will:
User request: "/xss check the comment submission form"
The skill will:
sanitizeHtml.This skill complements other security-focused plugins by providing targeted XSS vulnerability detection. It can be integrated with code review tools to automate security checks and provide developers with immediate feedback on potential XSS issues.
The skill produces structured output relevant to the task.
5plugins reuse this skill
First indexed Jul 10, 2026
npx claudepluginhub fleet-to-force/claude-code-plugins-plus --plugin xss-vulnerability-scannerScans code for reflected, stored, and DOM-based XSS vulnerabilities using context-aware analysis, WAF bypass testing, and CSP evaluation. Useful for security audits and pre-deployment reviews.
Scans for XSS vulnerabilities and guides secure coding practices including input validation, authentication, and OWASP patterns.
Guides web app penetration testing for XSS vulnerabilities including stored, reflected, DOM-based attacks, payloads, filter bypasses, CSP evasion, and detection checklists.