pentest-whitebox-code-review
Installation
SKILL.md
Pentest Whitebox Code Review
Purpose
Perform systematic white-box source code security audit using Shannon's backward taint analysis methodology. Traces from dangerous sinks back to user-controlled sources, classifies injection contexts by slot type, verifies XSS render contexts, and produces a prioritized exploitation queue for downstream proof-driven exploitation.
Prerequisites
Authorization Requirements
- Written authorization with explicit scope for source code review
- Source code access — full repository with version control history
- Architecture documentation if available (data flow diagrams, API specs)
- Deployment configuration access (environment variables, secrets management)