sast-fileupload

Detects insecure file upload vulnerabilities in codebases using a structured three-phase approach for enhanced security assessment.

Security score: 78/100

The sast-fileupload skill was audited on Jun 13, 2026 and we found 4 security issues across 3 threat categories, including 1 high-severity. Review the findings below before installing.

Security Issues

medium, line 193

Template literal with variable interpolation in command context

Source: SKILL.md
193: cb(null, `${uuidv4()}${ext}`);

high, line 531

Curl to non-GitHub URL

Source: SKILL.md
531: > Example: curl -X POST https://app.example.com/upload \

low, line 531

External URL reference

Source: SKILL.md
531: > Example: curl -X POST https://app.example.com/upload \

low, line 533

External URL reference

Source: SKILL.md
533: > then access: https://app.example.com/static/uploads/shell.php?cmd=id]

Scanned on Jun 13, 2026
GitHub Stars 661
Category: development
Updated: June 15, 2026
utkusen/sast-skills