Detect remote code execution flaws

sast-rce skill setup L30
reasonless-throne486/sast-skills
What it does

Detect OS command injection and unsafe deserialization

Best for

Finding command injection and eval-like RCE across large codebases in parallel

Inputs
  • codebase
  • sast/architecture.md
Outputs
  • sast/rce-results.md (vulnerable sinks + input traces)
Requires
  • Subagents (batched verify)
  • code analysis
Preconditions

sast/architecture.md exists, codebase readable, execution sinks identifiable

Failure modes
  • subprocess.run list-form calls flagged as safe (must verify; argument injection is still possible)
  • Missing detection of pickle / yaml.load unsafe patterns
  • Large codebases time out
  • Incomplete source trace leads to false negatives
Trust signals
  • Distinguishes os.system and shell=True calls from subprocess.run list form
  • Covers pickle, yaml.load, Function() patterns
  • Shows exact proof code paths
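As an added example (not part of this skill card or of the sast-skills project), the scanner below implements the sink distinction the trust signals and failure modes describe, in Python's own ast module: os.system, eval/exec and pickle loads are reported unconditionally, yaml.load is reported unless a SafeLoader is passed, a subprocess call is reported as injectable only when shell=True, and a list-form subprocess call with a non-literal element is reported at a lower tier as "verify" rather than marked safe. Function() is the JavaScript analogue and is outside this Python-only example. The SAMPLE source, the sink tables and the verdict strings are constructed for the example; a real tool would also resolve import aliases (from os import system), which this one does not.

```python
"""Minimal AST-based scanner for the RCE sink classes named on the card (added example)."""
import ast

# Sinks reported whenever they are called: code or object loading from data.
UNCONDITIONAL_SINKS = {
    "eval", "exec", "os.system", "os.popen",
    "pickle.loads", "pickle.load",
}
# Subprocess entry points: severity depends on shell= and on the argv form.
SUBPROCESS_CALLS = {
    "subprocess.run", "subprocess.Popen", "subprocess.call",
    "subprocess.check_output", "subprocess.check_call",
}
SAFE_LOADERS = {"yaml.SafeLoader", "SafeLoader", "yaml.CSafeLoader", "CSafeLoader"}

# Constructed sample input; line numbers in the findings refer to this string.
SAMPLE = '''
import os, subprocess, pickle, yaml
def a(cmd):
    os.system("ls " + cmd)
def b(cmd):
    subprocess.run("ls " + cmd, shell=True)
def c(path):
    subprocess.run(["ls", "-l", path])
def d():
    subprocess.run(["ls", "-l"])
def e(blob):
    return pickle.loads(blob)
def f(text):
    return yaml.load(text, Loader=yaml.SafeLoader)
def g(text):
    return yaml.load(text)
'''


def dotted_name(node):
    """Return 'a.b.c' for a Name/Attribute chain, None for anything else."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    return None


def keyword(call, name):
    """Value node of keyword argument `name` on a Call, or None."""
    for kw in call.keywords:
        if kw.arg == name:
            return kw.value
    return None


def is_true(node):
    return isinstance(node, ast.Constant) and node.value is True


def scan(source):
    """Return (line, callee, verdict) tuples, sorted by line, for one source file."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = dotted_name(node.func)
        if name is None:
            continue
        if name == "yaml.load":
            # Unsafe unless an explicit safe Loader is passed.
            if dotted_name(keyword(node, "Loader")) not in SAFE_LOADERS:
                findings.append((node.lineno, name, "yaml.load without SafeLoader"))
        elif name in UNCONDITIONAL_SINKS:
            findings.append((node.lineno, name, "unconditional sink"))
        elif name in SUBPROCESS_CALLS:
            if is_true(keyword(node, "shell")):
                # String is handed to /bin/sh: classic command injection.
                findings.append((node.lineno, name, "shell=True"))
            elif node.args and isinstance(node.args[0], ast.List) and any(
                not isinstance(elt, ast.Constant) for elt in node.args[0].elts
            ):
                # No shell, but a dynamic argv element can still inject options
                # into the target program, so it is queued for verification.
                findings.append((node.lineno, name, "list form, dynamic argv; verify"))
    return sorted(findings)


if __name__ == "__main__":
    for line, callee, verdict in scan(SAMPLE):
        print(f"line {line}: {callee}: {verdict}")
```

The fully literal list call on line 10 of SAMPLE produces no finding, the SafeLoader call on line 14 is skipped, and the list form on line 8 lands in the "verify" tier instead of being silently treated as safe, which is the failure mode the card warns about.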