cyberneticlibrary

Detect server-side template injection

sast-sstiskillsetup L3★0

reasonless-throne486/sast-skills ↗

What it does

Detect server-side template injection in dynamic rendering

Best for

Finding SSTI in microtemplate rendering (Jinja2, ERB, Handlebars) on dynamic pages

Inputs

· codebase
· sast/architecture.md

Outputs

· sast/ssti-results.md (template sink traces + expression language)

Requires

· Subagents
· code analysis

Preconditions

sast/architecture.md exists, template engines visible (Jinja2, ERB, Handlebars, etc.), user input sources identified

Failure modes

· Sandboxed template engines flagged as safe (false positive)
· Multiline template payload detection missed
· SSTI/XSS boundary confusion
· Server-side rendering (SSR) frameworks not analyzed

Trust signals

· Distinguishes SSTI from XSS
· Shows RCE via {{7*7}}, {{config}}, etc.
· Covers multiple template engines