Agent Skills: js-code-analysis

Specialized JavaScript/TypeScript static analysis for bug bounty hunting. Covers Node.js, Express.js, Next.js, NestJS, Fastify, and modern frameworks. Uses AST-grep and Grep tool to find high-impact vulnerabilities (RCE, SSRF, SQLi, SSTI, Prototype Pollution, JWT, DOM XSS, GraphQL, ReDoS, CORS, CSRF) via strict Source-to-Sink Taint Analysis. Every finding MUST have concrete evidence.

UncategorizedID: mswell/dotfiles/js-code-analysis

Install this agent skill to your local

pnpm dlx add-skill https://github.com/mswell/dotfiles/js-code-analysis

Skill Files

Browse the full folder contents for js-code-analysis.

Download Skill

Loading file tree…

Select a file to preview its contents.