Upgrade skillctl to version 0.1.2 or higher.
Affected versions of this package are vulnerable to UNIX Symbolic Link (Symlink) Following via improper validation of file paths and symlinks in multiple processes. An attacker can access or delete arbitrary files and directories on the system by supplying malicious symlinks, manipulating configuration fields such as destination or source_path, or using crafted command-line arguments. This is only exploitable if a user processes a malicious skills library or merges a pull request containing a crafted .skills.toml file.
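The following is an added example, not skillctl's own code or its actual fix: one way to validate a configuration-supplied path such as destination or source_path before using it. It rejects absolute paths, parent-directory components, and any symlink along the way. The function names, directory layout and sample values are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class UnsafePathError(ValueError):
    """Config-supplied path would leave the allowed root."""


def resolve_inside(root: Path, untrusted: str) -> Path:
    """Return root/untrusted only if no component is a symlink and the
    result stays inside root. `untrusted` models a `destination` or
    `source_path` value read from a .skills.toml file."""
    rel = Path(untrusted)
    if rel.is_absolute() or ".." in rel.parts:
        raise UnsafePathError(f"absolute or parent path: {untrusted!r}")
    root = root.resolve(strict=True)
    current = root
    for part in rel.parts:
        current = current / part
        # is_symlink() uses lstat: it inspects the link, not its target.
        if current.is_symlink():
            raise UnsafePathError(f"symlink component: {current}")
    # Defence in depth: the resolved path must still be under root.
    resolved = current.resolve()
    if os.path.commonpath([root, resolved]) != str(root):
        raise UnsafePathError(f"escapes root: {resolved}")
    return resolved


def demo() -> dict:
    """Classify sample field values against a constructed library tree."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root, outside = Path(tmp) / "library", Path(tmp) / "outside"
        (root / "skills").mkdir(parents=True)
        outside.mkdir()
        (root / "skills" / "a.md").write_text("ok")
        os.symlink(outside, root / "link")  # constructed hostile entry
        for value in ["skills/a.md", "link/x", "../outside", "/etc/passwd"]:
            try:
                resolve_inside(root, value)
                results[value] = "allowed"
            except UnsafePathError:
                results[value] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

A check like this is still subject to a race between validation and use, so the subsequent open or delete should itself refuse to follow links (for example by opening with O_NOFOLLOW relative to a directory file descriptor).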