Scans code for input validation gaps risking SQLi, XSS, command injection, path traversal, buffer overflows. Use when auditing user input from HTTP params, forms, APIs.
How this skill is triggered — by the user, by Claude, or both
Slash command
/input-validation-scanner:scanning-input-validation-practicesThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Scan application source code for missing or insufficient input validation that could lead to injection attacks (SQL, XSS, command injection), buffer overflows, and path traversal vulnerabilities. Analyzes how user-provided data flows from HTTP parameters, form fields, and API inputs through the application to identify locations where sanitization or validation is absent.
Scan application source code for missing or insufficient input validation that could lead to injection attacks (SQL, XSS, command injection), buffer overflows, and path traversal vulnerabilities. Analyzes how user-provided data flows from HTTP parameters, form fields, and API inputs through the application to identify locations where sanitization or validation is absent.
This skill activates when you need to:
User request: "Scan the user profile module for potential XSS vulnerabilities."
The skill will:
User request: "Check the database access layer for potential SQL injection risks."
The skill will:
This skill can be used in conjunction with other security-related skills to provide a more comprehensive security assessment. For example, it can be combined with a static analysis skill to identify other types of vulnerabilities or with a dependency scanning skill to identify vulnerable third-party libraries.
If security scanning fails:
9plugins reuse this skill
First indexed Jul 10, 2026
Showing the 6 earliest of 9 plugins
npx claudepluginhub ia23a-lachnita/claude-code-plugins-plus-fix-skills --plugin input-validation-scannerScans code for input validation vulnerabilities (SQLi, XSS, command injection) and injection risks. Useful when reviewing user input handling.
Conducts security-focused code reviews to detect SQL injection, XSS, authentication flaws, and insecure dependencies. Activated by phrases like 'security scan' or 'audit'.
Guides code injection detection tasks with step-by-step instructions, best practices, and production-ready configurations for security fundamentals.