Skip to main content
Execute qualquer Skill no Manus
com um clique

csrf

Estrelas2
Forks1
Atualizado9 de julho de 2026 às 12:42

SAST detection methodology for cross-site request forgery (CWE-352), including missing/unverified anti-CSRF tokens, tokens not tied to session, SameSite gaps (Lax bypass via top-level GET state change, SameSite=None), JSON CSRF via simple content-types, login/logout CSRF, HTTP method override, CORS-enabled state-changing endpoints, and GET requests that change state. Use when reviewing state-changing endpoints and their CSRF defenses. Writes confirmed findings to findings/18-csrf.md.

Instalação

Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.

SKILL.md
readonly