Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

markdown-injection-scanner

Scans Markdown (.md) files for malicious code injection including XSS, prompt injection, script injection, obfuscated payloads, and supply chain attack vectors. Use when auditing .md files for security threats or when the user mentions scanning markdown for malicious content.

Ejecutar en Manus

Estrellas65

Forks39

Actualizado2 de mayo de 2026, 04:44

Fuente

tranhieutt

tranhieutt/software_development_department

Abrir repositorio de GitHub Ver repositorios del creador

Comando de instalación

Descarga

Ejecutar en Manus

Útil paraSOC

Analistas de seguridad de la informaciónOcupaciones informáticas y matemáticas15-1212L4

Explorador de archivos

2 archivos

SKILL.md

readonly

Más de este repositorio

mismo repositorio

learner

tranhieutt/software_development_department

Turns real agent failures, repeated prompts, team-specific workflows, and durable project lessons into better SDD skills or memory entries. Use when the user asks to create/update/refine skills, extract reusable lessons, improve skill routing, encode team process, or save patterns for future sessions.

2026-05-1565

agent-style

tranhieutt/software_development_department

Provides the vendored agent-style v0.3.5 prose rule pack as a portable Claude skill. Use when installing, syncing, applying, or auditing SDD Agent-Style support in another project, or when a style-review workflow needs the bundled rules.

2026-05-1365

style-review

tranhieutt/software_development_department

Reviews Markdown prose against the pinned agent-style v0.3.5 rules and optionally writes a polished copy beside the source. Use for specs, ADRs, PR bodies, release notes, and technical docs when prose quality or evidence discipline matters.

2026-05-1365

dotnet-backend-patterns

tranhieutt/software_development_department

Provides .NET and ASP.NET Core patterns for REST APIs, Entity Framework, dependency injection, and middleware. Use when working with C# files (*.cs, *.csproj) or when the user mentions .NET, ASP.NET Core, C#, or Entity Framework.

2026-05-0165

hybrid-cloud-architect

tranhieutt/software_development_department

Designs hybrid cloud architectures connecting on-premises infrastructure with public cloud services. Use when designing systems spanning on-prem and cloud, or when the user mentions hybrid cloud or multi-environment architecture.

2026-05-0165

microservices-patterns

tranhieutt/software_development_department

Provides microservices design patterns for service decomposition, API gateway, circuit breakers, saga orchestration, and inter-service communication. Use when designing or implementing microservices architecture.

2026-05-0165

name	markdown-injection-scanner
type	workflow
description	Scans Markdown (.md) files for malicious code injection including XSS, prompt injection, script injection, obfuscated payloads, and supply chain attack vectors. Use when auditing .md files for security threats or when the user mentions scanning markdown for malicious content.
context	fork
agent	security-engineer
when_to_use	When scanning .md files for injection attacks, prompt injection, embedded malware, or when auditing documentation files for security threats
allowed-tools	Read, Glob, Grep, Bash
argument-hint	[target directory path]
user-invocable	true
effort	3

Markdown Injection Scanner

Scans all .md files in a target directory for 18 categories of malicious code injection. Uses regex pattern matching across the entire file corpus with parallel subagent execution for speed.

Usage

/markdown-injection-scanner [target-directory]

If no directory is specified, ask the user to provide one.

Phase 1: Discovery — Map the File Corpus

Count all .md files in target directory (recursive).
Sample 2-3 files to understand the file structure and content type (design docs, documentation, config, etc.).
Report file count and content type before proceeding.

Phase 2: Parallel Injection Scanning

Execute scans in 3 parallel batches using subagents for speed. Each subagent uses search_files with the target directory path and *.md file pattern.

Batch 1 — Script and Code Injection (5 patterns)

#	Category	Regex Pattern	Threat
1	Script tags	`<script[^>]*>`	Embedded JavaScript execution
2	HTML Event Handlers	`(onclick\|onerror\|onload\|onmouseover\|onfocus\|onblur\|onresize\|onsubmit\|onchange\|oninput\|onkeydown\|onkeyup\|onkeypress\|ontouchstart\|onmouseenter\|onmouseleave)\s*=`	Inline JS via HTML attributes
3	JS/VBScript Protocol	`(javascript:\|vbscript:)`	Malicious link protocols
4	Dynamic Code Execution	`(eval\s\(\|Function\s\(\|setTimeout\s\(\|setInterval\s\()`	Code execution via eval/setTimeout
5	DOM Manipulation	`(document\.(cookie\|domain\|write)\|window\.(location\|open)\|XMLHttpRequest\|fetch\s*\()`	DOM-based attacks

Batch 2 — Obfuscation and Encoding (6 patterns)

#	Category	Regex Pattern	Threat
6	Base64 Payloads	`(base64\|atob\|btoa\|b64decode\|b64encode)[\s(]`	Encoded malicious content
7	Data URI Injection	`data:\s*(text/html\|application/javascript\|text/javascript)`	Inline HTML/JS via data URIs
8	SVG Injection	`<svg[^>]*>`	SVG-based XSS vectors
9	Hex/Unicode Encoding	`(\\x[0-9a-fA-F]{2}\|\\u[0-9a-fA-F]{4}\|&#x[0-9a-fA-F]+;)`	Obfuscated character encoding
10	Hidden Text — display:none	`<(span\|div\|p)[^>]style\s=\s['"][^'"]display\s:\snone`	Hidden content tricks
11	Hidden Text — font-size:0	`font-size\s:\s0`	Invisible text

Batch 3 — Injection Vectors (7 patterns)

#	Category	Regex Pattern	Threat
12	HTML Tag Injection	`<(iframe\|embed\|object\|link\|meta\|form\|input\|textarea\|button)[\s>]`	Injected HTML elements
13	Suspicious Markdown Links	`\[.?\]\(data:` then `\[.?\]\(javascript:` then `\[.*?\]\(vbscript:`	Malicious link targets
14	Prompt Injection (NL)	`(?i)(ignore\s+(all\s+)?previous\s+instructions\|you\s+are\s+now\|forget\s+(all\s+)?previous\|system\s:\syou\s+are\|disregard\s+(all\s+)?prior\|override\s+(all\s+)?instructions\|new\s+instructions?:\|IMPORTANT:.*ignore\|do\s+not\s+follow)`	AI/LLM prompt hijacking
15	Prompt Injection (Token)	`(?i)(\[INST\]\|\[\/INST\]\|<\|im_start\|>\|<\|im_end\|>\|<\|system\|>\|<\|user\|>\|<\|assistant\|>\|Human:\|Assistant:\|###\sSystem\sPrompt\|BEGIN\s+HIDDEN\|END\s+HIDDEN)`	LLM token format injection
16	Shell Command Injection	`(curl\s+\|wget\s+\|bash\s+-c\|sh\s+-c\|powershell\|cmd\.exe\|/bin/sh\|/bin/bash\|rm\s+-rf\|chmod\s+777\|sudo\s+)`	Shell command execution
17	Executable File Links	`(https?://[^\s)>\]]*\.(exe\|bat\|cmd\|ps1\|sh\|msi\|dll\|vbs\|wsf\|hta\|scr))`	Links to malicious executables
18	Malware Keywords	`(?i)(steganograph\|obfusc\|malware\|payload\|exploit\|backdoor\|trojan\|keylog\|ransom\|phish)`	Direct malware references

Subagent Prompt Templates

Use 3 subagents via use_subagents, each with prompts corresponding to their batch patterns above. Replace [TARGET_DIR] with the actual target directory.

Subagent 1 — Script and Code Injection:

Search for script and code injection patterns in .md files in "[TARGET_DIR]". Use search_files with these regex patterns on *.md files, one at a time:
1. `<script[^>]*>`
2. `(onclick|onerror|onload|onmouseover|onfocus|onblur|onresize|onsubmit|onchange|oninput|onkeydown|onkeyup|onkeypress|ontouchstart|onmouseenter|onmouseleave)\s*=`
3. `(javascript:|vbscript:)`
4. `(eval\s*\(|Function\s*\(|setTimeout\s*\(|setInterval\s*\()`
5. `(document\.(cookie|domain|write)|window\.(location|open)|XMLHttpRequest|fetch\s*\()`
Report all findings per pattern.

Subagent 2 — Obfuscation and Encoding:

Search for obfuscation and encoding patterns in .md files in "[TARGET_DIR]". Use search_files with these regex patterns on *.md files, one at a time:
1. `(base64|atob|btoa|b64decode|b64encode)[\s(]`
2. `data:\s*(text/html|application/javascript|text/javascript)`
3. `<svg[^>]*>`
4. `(\\x[0-9a-fA-F]{2}|\\u[0-9a-fA-F]{4}|&#x[0-9a-fA-F]+;)`
5. `<(span|div|p)[^>]*style\s*=\s*['"][^'"]*display\s*:\s*none`
6. `font-size\s*:\s*0`
Report all findings per pattern.

Subagent 3 — Injection Vectors:

Search for injection vectors in .md files in "[TARGET_DIR]". Use search_files with these regex patterns on *.md files, one at a time:
1. `<(iframe|embed|object|link|meta|form|input|textarea|button)[\s>]`
2. `\[.*?\]\(data:` then `\[.*?\]\(javascript:` then `\[.*?\]\(vbscript:`
3. `(?i)(ignore\s+(all\s+)?previous\s+instructions|you\s+are\s+now|forget\s+(all\s+)?previous|system\s*:\s*you\s+are|disregard\s+(all\s+)?prior|override\s+(all\s+)?instructions|new\s+instructions?:|IMPORTANT:.*ignore|do\s+not\s+follow)`
4. `(?i)(\[INST\]|\[\/INST\]|<\|im_start\|>|<\|im_end\|>|<\|system\|>|<\|user\|>|<\|assistant\|>|Human:|Assistant:|###\s*System\s*Prompt|BEGIN\s+HIDDEN|END\s+HIDDEN)`
5. `(curl\s+|wget\s+|bash\s+-c|sh\s+-c|powershell|cmd\.exe|/bin/sh|/bin/bash|rm\s+-rf|chmod\s+777|sudo\s+)`
6. `(https?://[^\s)>\]]*\.(exe|bat|cmd|ps1|sh|msi|dll|vbs|wsf|hta|scr))`
7. `(?i)(steganograph|obfusc|malware|payload|exploit|backdoor|trojan|keylog|ransom|phish)`
Report all findings per pattern.

Phase 3: Sample Review

If any patterns matched in Phase 2, read the flagged files to:

Confirm the match is a true positive (not just a URL or benign text)
Assess severity of the injection
Identify the exact location and content

If zero patterns matched, skip to Phase 4.

Phase 4: Report Findings

Output Format

# Markdown Injection Scan Report — [TARGET_DIR]

## Summary
- **Files scanned:** [count]
- **Patterns checked:** 18
- **Threats found:** [count]
- **Verdict:** CLEAN | LOW RISK | MEDIUM RISK | HIGH RISK

## Results Matrix

| # | Category | Pattern | Matches | Severity |
|---|----------|---------|---------|----------|
| 1 | Script tags | <script> | 0 | — |
| ... | ... | ... | ... | ... |

## Detailed Findings (if any)

| Severity | Category | File:Line | Content | Remediation |
|----------|----------|-----------|---------|-------------|
| P0/P1/P2/P3 | ... | ... | ... | ... |

## Sample File Review
- Files reviewed: [list]
- Structure: [description]
- Suspicious content: [none / details]

Severity Guide

P0 Critical: Active script tags, eval(), javascript: protocol in links, command injection
P1 High: Prompt injection, SVG injection, data URI injection, HTML event handlers
P2 Medium: Base64 payloads, suspicious URLs, obfuscated content
P3 Low/Info: Malware keywords in text, hidden HTML elements

Phase 5: Save Report

Ask user permission before saving:

"May I write the report to docs/security/markdown-injection-scan-{YYYY-MM-DD}.md?"

Protocol

Question: Reads target directory from argument
Options: Skip — proceed directly if directory is provided
Decision: Run all 18 patterns via 3 parallel subagents
Draft: Results matrix shown in conversation before saving
Approval: Ask before writing report file

Related Skills

security-audit — comprehensive OWASP/infrastructure security audit for codebases
code-review — code-level review with security considerations
guard — freeze check before deploying security fixes