back
loading skill details...
>-
SKILL: Prototype Pollution — Expert Attack Playbook AI LOAD INSTRUCTION: Expert prototype pollution for client and server JS. Covers __proto__ vs constructor.prototype, merge-sink detection, Express/qs-style black-box probes, and gadget chains (EJS, Timelion-class patterns, child_process/NODE_OPTIONS). Assumes you know object spread and prototype inheritance — focus is on parser behavior and post-pollution sinks. Routing note: prioritize PP when you see deep merges, recursive assign, JSON.parse followed by Object.assign, or URL queries converted to nested objects. 0. QUICK START Client-side first probes #__proto__[polluted]=1 #__proto__[polluted]=polluted #constructor[prototype][polluted]=1 When input can reflect into DOM or framework routing, pair with alert(1) / console checks to observe whether global object properties were polluted.
don't have the plugin yet? install it then click "run inline in claude" again.