mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-05 23:38:57 +03:00
Production hardening: security fixes, code quality, 724 skills complete
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
This commit is contained in:
@@ -89,7 +89,6 @@ def scan_response_body(url: str, method: str = "GET",
|
||||
def test_java_deserialization(url: str, cookie_name: str,
|
||||
callback_host: str) -> dict:
|
||||
"""Test for Java deserialization using a URLDNS-style detection payload."""
|
||||
import struct
|
||||
dns_url = f"http://{callback_host}/java-deser-test"
|
||||
urldns_marker = base64.b64encode(
|
||||
JAVA_MAGIC + b"\x00\x00\x00" + dns_url.encode()
|
||||
|
||||
Reference in New Issue
Block a user