skills/elementalsouls/claude-bughunter/hunt-host-header/Snyk

hunt-host-header

Fail

Audited by Snyk on Jun 13, 2026

Risk Level: CRITICAL

Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

Malicious code pattern detected (high risk: 1.00). This document is an explicit, step‑by‑step offensive guide for exploiting Host header weaknesses to exfiltrate password reset tokens, perform routing SSRF against cloud metadata (credential theft), and conduct web-cache poisoning and OAuth/OIDC poisoning — all high‑risk techniques that enable account takeover and mass exploitation.

Issues (1)

E006

CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata

Risk Level

CRITICAL

Analyzed

Jun 13, 2026, 04:05 PM

Issues

1

Security Audit — snyk — hunt-host-header