xss-anti-pattern
Installation
SKILL.md
Cross-Site Scripting (XSS) Anti-Pattern
Severity: Critical
Summary
Cross-Site Scripting (XSS) occurs when applications include untrusted data in web pages without proper encoding, allowing attackers to inject malicious scripts that steal cookies, hijack sessions, or perform unauthorized actions. AI-generated code has an 86% XSS failure rate.
The Anti-Pattern
The anti-pattern is directly embedding user-controlled data into HTML content without context-aware encoding or sanitization.
1. Reflected XSS
User input reflects malicious scripts immediately in the web browser response.