Tracks untrusted input propagation from sources to sinks in binary code to identify injection vulnerabilities. Use when analyzing data flow, tracing user input to dangerous functions, or detecting command/SQL injection.
5.5
Rating
0
Installs
Security
Category
Strong skill for binary taint analysis with clear workflow and actionable patterns. The description effectively communicates when to use the skill (tracing untrusted input, detecting injections). The 5-step detection workflow provides solid task knowledge, covering source/sink identification, path tracing, and risk assessment. Key patterns illustrate concrete vulnerability scenarios. Structure is good with clean sections and references to supporting files. Novelty is moderate—while taint analysis is valuable for security work, it's a well-established technique; however, codifying the workflow and patterns for a CLI agent does add practical value by reducing the token overhead of explaining these concepts repeatedly. Minor improvement areas: could specify which reverse engineering tools/APIs to use for xrefs_to and function identification, and provide more granular guidance on the sanitization analysis step.
majiayu000
Skill Author
Loading SKILL.md…
