The Agent Skills Directory

[COMMAND_EXECUTION]: The skill documents numerous malicious payloads for exploiting OAuth redirect_uri vulnerabilities, including path traversal, character encoding bypasses, and URL parsing discrepancies.- [DATA_EXFILTRATION]: Contains multiple functional Proof-of-Concept (PoC) examples for stealing authorization codes and access tokens, featuring exfiltration via JavaScript fetch calls to external domains, CSS-based Referer leakage, and DNS-based data exfiltration.- [DATA_EXFILTRATION]: Documents the use of homoglyph characters (e.g., Cyrillic 'a') and zero-width spaces in URLs to bypass security filters and conduct phishing or redirection attacks.

oauth-sso-attack