Input Validation & Sanitization Auditor
Prevent injection attacks through proper input handling.
XSS Prevention
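// ❌ DANGEROUS: Direct HTML injection
// The query string is interpolated into the response unescaped, so any
// markup in ?q= is parsed by the browser as part of the page.
app.get("/search", (req, res) => {
  res.send(`<h1>Results for: ${req.query.q}</h1>`); // XSS!
});

// ✅ SAFE: Properly escaped
import { escape } from "html-escaper";

app.get("/search", (req, res) => {
  // Coerce to a string first: req.query.q is undefined when the parameter
  // is missing, and escape() would throw on it.
  const q = String(req.query.q ?? "");
  res.send(`<h1>Results for: ${escape(q)}</h1>`);
});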
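
The safe handler above escapes on output; the added example below (not part of the original skill) pairs that with an input validation step and runs without Express or html-escaper. The names normalizeQuery, escapeHtml, renderSearch and MAX_QUERY_LENGTH, and the 200-character limit, are assumptions made for illustration.

```javascript
// Added example. normalizeQuery, escapeHtml, renderSearch and MAX_QUERY_LENGTH
// are illustrative names, not part of Express or html-escaper.
const MAX_QUERY_LENGTH = 200; // assumed limit for a search box

const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Dependency-free stand-in for html-escaper's escape(): neutralizes the
// characters that can open a tag, an entity or a quoted attribute value.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Validation step: accept only a non-empty string of bounded length.
// Express can hand back arrays (?q=a&q=b), nested objects (with the
// extended parser) or undefined, so the type check comes first.
function normalizeQuery(raw) {
  if (typeof raw !== "string") return null;
  const trimmed = raw.trim();
  if (trimmed.length === 0 || trimmed.length > MAX_QUERY_LENGTH) return null;
  return trimmed;
}

// Output step: escape at the point where the value enters HTML.
// `query` has the shape of Express's req.query.
function renderSearch(query) {
  const q = normalizeQuery(query.q);
  if (q === null) {
    return { status: 400, body: "<h1>Invalid search query</h1>" };
  }
  return { status: 200, body: `<h1>Results for: ${escapeHtml(q)}</h1>` };
}

// Constructed sample inputs, shaped like parsed query strings.
const samples = [
  { q: '<b>"a" & b</b>' },
  { q: ["a", "b"] },
  {},
  { q: "x".repeat(MAX_QUERY_LENGTH + 1) },
];
for (const sample of samples) {
  const { status, body } = renderSearch(sample);
  console.log(status, body);
}
```

In an Express route the result maps directly onto the response: res.status(result.status).send(result.body).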