Injection (SQLi / XSS)
OWASP Top 10 A03 — SQL injection, cross-site scripting, command injection, and untrusted input handling.
What this skill does
Injection (SQLi / XSS) is a versioned playbook inside the CISO Security Kit. It runs on the AI CISO agent through the Procux skill runtime, producing structured, auditable output suitable for executive review and regulator submission.
- Kit: CISO Security Kit
- Category: AppSec
- Primary agent(s): AI CISO
- Tags: owasp, appsec, sqli, xss, injection
How to use it
- Sign in to your Procux workspace and open the platform dashboard.
- Pick the AI CISO agent, then pick Injection (SQLi / XSS) from the CISO Security Kit catalog.
- Provide the required inputs (repo, document, endpoint, jurisdiction) — the agent runs the playbook and returns a structured report.
- Review, iterate, or export (PDF / JSON / Markdown) as part of your internal review cycle.
Related skills
- Authentication & Session Failures: OWASP Top 10 A07 — review authentication and session management flaws: broken logout, session fixation, weak credentials, MFA bypass.
- Broken Access Control: OWASP Top 10 A01 — review authorization flaws (BOLA, IDOR, privilege escalation, missing role checks).
- Cryptographic Failures: OWASP Top 10 A02 — audit cryptography usage: weak algorithms, key management, TLS config, at-rest / in-transit encryption gaps.