This skill should be used when the user asks to "test for HTML injection", "inject HTML into web pages", "perform HTML injection attacks", "deface web applications", or "test content injection vulnerabilities". It provides comprehensive HTML injection attack techniques and testing methodologies.
8.1
Rating
0
Installs
Security
Category
This is a comprehensive and well-structured skill for HTML injection testing. The description clearly articulates when to invoke the skill with specific trigger phrases. The task knowledge is extensive, covering theory, practical payloads, bypass techniques, automated testing scripts, and remediation guidance. The structure is logical with clear phases from understanding to prevention. The skill is moderately novel - while basic HTML injection tests are straightforward, the comprehensive payload library, phishing form construction, bypass techniques, and automation scripts provide significant value that would otherwise require substantial CLI interaction and token usage. Minor deductions: the skill could benefit from separating payload databases into referenced files for better modularity, and the novelty is somewhat limited as experienced penetration testers may already have similar toolkits.
davila7
Skill Author
Loading SKILL.md…
