Detect server-side request forgery
sast-ssrf (skill)
reasonless-throne486/sast-skills
What it does
Detect SSRF reaching internal services and cloud metadata
Best for
Finding SSRF that reaches internal microservices, cloud metadata (169.254.169.254), or database servers
Inputs
- codebase
- sast/architecture.md
Outputs
- sast/ssrf-results.md (URL sink traces + internal endpoints)
Requires
- Subagents (batched)
- code analysis
Preconditions
sast/architecture.md exists, HTTP client calls visible, URL sources identifiable
Failure modes
- URL allowlist bypasses not detected (false negative)
- DNS rebinding not covered
- HTTP/2 push bypasses missed
- Cloud SDK calls (boto3, gcloud) not analyzed
Trust signals
- Distinguishes allowlist bypass from full SSRF
- Shows cloud metadata attack vectors
- Covers fetch libraries (requests, urllib, axios, node-fetch)