Skip to main content
Ejecuta cualquier Skill en Manus
con un clic

session-management

Estrellas2
Forks1
Actualizado9 de julio de 2026 a las 12:42

SAST detection methodology for session management flaws (CWE-384 session fixation), including session id not rotated after login/privilege change, no invalidation on logout / password change / role change (CWE-613 absent expiry, CWE-565 cookie-trust), predictable or exposed session identifiers, session id in URL, weak cookie scope/flags (CWE-614), remember-me tokens not rotated, and CSRF-token-vs-session binding. Use when reviewing login/logout, session lifecycle, and session-cookie configuration. Writes confirmed findings to findings/43-session-management.md.

Instalación

Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.

SKILL.md
readonly