write-nuclei-template-rule
Assists in creating YAML Nuclei templates for cybersecurity vulnerability scanning, focusing on dynamic data extraction and response matching.
Install this skill
or
51/100
Security score
The write-nuclei-template-rule skill was audited on Jun 6, 2026 and we found 17 security issues across 4 threat categories, including 1 critical. Review the findings below before installing.
Categories Tested
Security Issues
medium line 514
Wget to non-GitHub URL
SourceSKILL.md
| 514 | {{generate_java_gadget(\"commons-collections3.1\", \"wget http://{{interactsh-url}}\", \"base64\")}} |
critical line 725
Access to /etc/passwd
SourceSKILL.md
| 725 | part: interactsh_request # Confirms the retrieval of /etc/passwd file |
medium line 415
Base64 decode operation
SourceSKILL.md
| 415 | base64_decode(src interface) []byte Base64 decodes a string base64_decode(\"SGVsbG8=\") Hello |
low line 478
External URL reference
SourceSKILL.md
| 478 | url_decode(input string) string URL decodes the input string url_decode(\"https:%2F%2Fprojectdiscovery.io%3Ftest=1\") https://projectdiscovery.io?test=1 |
low line 479
External URL reference
SourceSKILL.md
| 479 | url_encode(input string) string URL encodes the input string url_encode(\"https://projectdiscovery.io/test?a=1\") https%3A%2F%2Fprojectdiscovery.io%2Ftest%3Fa%3D1 |
low line 514
External URL reference
SourceSKILL.md
| 514 | {{generate_java_gadget(\"commons-collections3.1\", \"wget http://{{interactsh-url}}\", \"base64\")}} |
low line 681
External URL reference
SourceSKILL.md
| 681 | GET /plugins/servlet/oauth/users/icon-uri?consumerUri=https://{{interactsh-url}} HTTP/1.1 |
low line 798
External URL reference
SourceSKILL.md
| 798 | An example is provided below - https://example.com:443/foo/bar.php |
low line 801
External URL reference
SourceSKILL.md
| 801 | {{BaseURL}} https://example.com:443/foo/bar.php |
low line 802
External URL reference
SourceSKILL.md
| 802 | {{RootURL}} https://example.com:443 |
low line 819
External URL reference
SourceSKILL.md
| 819 | # If BaseURL is set to https://abc.com then the |
low line 820
External URL reference
SourceSKILL.md
| 820 | # path will get replaced to the following: https://abc.com/.git/config |
low line 834
External URL reference
SourceSKILL.md
| 834 | Origin: https://google.com |
low line 1351
External URL reference
SourceSKILL.md
| 1351 | @Host: which overrides the real target of the request (usually the host/ip provided as input). It supports syntax with ip/domain, port, and scheme, for example: domain.tld, domain.tld:port, http://dom |
low line 1358
External URL reference
SourceSKILL.md
| 1358 | @Host: https://projectdiscovery.io:443 |
low line 1375
External URL reference
SourceSKILL.md
| 1375 | # This request will be sent instead to https://api.target.com:443 to verify the token validity |
low line 1377
External URL reference
SourceSKILL.md
| 1377 | @Host: https://api.target.com:443 |
Scanned on Jun 6, 2026
View Security Dashboard