Skills
skills/mukul975/anthropic-cybersecurity-skills/testing-for-xml-injection-vulnerabilities/Snyk

testing-for-xml-injection-vulnerabilities

Fail

Audited by Snyk on Apr 9, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). Contains explicit, actionable malicious patterns — XXE payloads for local file disclosure and cloud metadata access, external DTDs and OOB/DNS callbacks to attacker-controlled servers for data exfiltration, SSRF vectors to internal endpoints, and XML bombs for DoS — all of which can be used to steal credentials and compromise systems.

Issues (1)

E006
CRITICAL

Malicious code pattern detected in skill scripts.

Audit Metadata
Risk Level
CRITICAL
Analyzed
Apr 9, 2026, 06:48 PM
Issues
1