This is a frontend XSS scanner that analyzes React, Vue, Angular, and vanilla JavaScript for cross-site scripting vulnerabilities. It does static analysis to catch dangerous patterns like unsafe innerHTML usage, dangerouslySetInnerHTML without sanitization, v-html directives, and URL injection points. You get severity-rated findings with line numbers, vulnerable code snippets, and specific fixes like "use DOMPurify here" or "switch to textContent." The TypeScript implementation is thorough, covering framework-specific patterns and integrating with ESLint and Semgrep. Useful during code review or as part of CI/CD, though you'll want to tune the pattern matching to avoid false positives in your specific codebase. The secure coding examples are a nice reference for developers who need remediation guidance.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill frontend-mobile-security-xss-scan
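The kind of line-based pattern matching described above, including the false-positive tuning it mentions, can be sketched as follows. This is an added example, not the skill's own implementation; the rule ids, severities, skip heuristics and sample input are assumptions constructed for illustration.

```javascript
// Added illustration, not the skill's implementation. Rule ids, severities
// and the skip heuristics below are assumptions chosen for this example.
const RULES = [
  { id: "dom-innerHTML", severity: "high", html: true,
    pattern: /\.(?:innerHTML|outerHTML)\s*\+?=(?!=)\s*([^;]+)/,
    fix: "switch to textContent, or wrap the value in DOMPurify.sanitize()" },
  { id: "react-dangerouslySetInnerHTML", severity: "high", html: true,
    pattern: /dangerouslySetInnerHTML\s*=\s*\{\{\s*__html\s*:\s*([^}]+)\}\}/,
    fix: "use DOMPurify here, or render the value as a text child" },
  { id: "vue-v-html", severity: "medium", html: true,
    pattern: /v-html\s*=\s*"([^"]+)"/,
    fix: "use {{ }} interpolation, or sanitize the bound value" },
  { id: "url-injection", severity: "medium", html: false,
    pattern: /\b(?:href|src)\s*=\s*\{([^}]+)\}/,
    fix: "allow only http: and https: schemes before binding the URL" },
];
// A plain string literal with no interpolation cannot carry user input.
const CONSTANT = /^(["'`])[^"'`$]*\1$/;
// Heuristic: the whole expression is a DOMPurify.sanitize(...) call.
const SANITIZED = /^DOMPurify\.sanitize\s*\(.*\)$/;

function scan(source) {
  const findings = [];
  source.split("\n").forEach((text, index) => {
    for (const rule of RULES) {
      const match = rule.pattern.exec(text);
      if (!match) continue;
      const expr = match[1].trim();
      // Tuning against false positives: skip constants and sanitized HTML sinks.
      if (CONSTANT.test(expr) || (rule.html && SANITIZED.test(expr))) continue;
      findings.push({ rule: rule.id, severity: rule.severity, line: index + 1,
                      snippet: text.trim(), fix: rule.fix });
    }
  });
  return findings;
}

// Constructed sample input: one statement per line, mixing safe and unsafe forms.
const SAMPLE = [
  'el.innerHTML = "<b>static</b>";',
  'el.innerHTML = userComment;',
  '<div dangerouslySetInnerHTML={{ __html: post.body }} />',
  '<div dangerouslySetInnerHTML={{ __html: DOMPurify.sanitize(post.body) }} />',
  '<p v-html="bio"></p>',
  '<a href={profile.website}>site</a>',
  'out.textContent = userComment;',
].join("\n");

for (const f of scan(SAMPLE)) {
  console.log(`${f.severity.toUpperCase()} line ${f.line} [${f.rule}] ${f.snippet} -> ${f.fix}`);
}
```

Single-line regexes miss values that are sanitized on an earlier line or assigned across several lines, which is why rules of this kind need tuning per codebase.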