jndi-injection

Community

JNDI injection playbook. Use when Java applications perform JNDI lookups with attacker-controlled names, especially via Log4j2, Spring, or any code path reaching InitialContext.lookup().

Claude

810 stars Updated 4 days ago

Allowed Tools

This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.

Source

SKILL.md / Manifest

https://raw.githubusercontent.com/yaklang/hack-skills/main/skills/jndi-injection/SKILL.md

Registry

github (via claudemarketplaces.com)

Trust Score

55Fair

Verification10/30

Scope Tightness

jndi-injection

Allowed Tools

Source

Trust Score

Details