Resolve common penetration testing issues in Ark. Use when fixing security vulnerabilities from pentest reports, security audits, or OWASP Top 10 issues.
View on GitHub: mckinsey/agents-at-scale-ark
January 21, 2026
```bash
npx add-skill https://github.com/mckinsey/agents-at-scale-ark/blob/main/.claude/skills/pentest-issue-resolver/SKILL.md -a claude-code --skill ark-pentest-issue-resolver
```
Installation paths:
`.claude/skills/ark-pentest-issue-resolver/`
# Ark Penetration Test Issue Resolver
Provides detection patterns, mitigation strategies, and fixes for common penetration testing issues found in the Ark platform.
## When to use this skill
Use this skill when:
- User reports a penetration testing finding without a specific CVE
- Security audit reveals OWASP Top 10 vulnerabilities
- User mentions issues like "XSS", "SQL injection", "CSRF", etc.
- Need to identify and fix common security misconfigurations
**Note**: This skill is used by the **ark-security-patcher** agent when no specific CVE is mentioned. It helps identify and resolve standard penetration testing findings.
## Common Penetration Test Issues
### 1. SQL Injection
**Description**: Attacker can inject malicious SQL queries through user input.
**Detection Patterns**:
```python
# VULNERABLE: Direct string concatenation
query = f"SELECT * FROM users WHERE username = '{username}'"
# VULNERABLE: String formatting
query = "SELECT * FROM users WHERE id = %s" % user_id
```
**Mitigation**:
```python
# SECURE: Use parameterized queries
cursor.execute("SELECT * FROM users WHERE username = ?", (username,))
# SECURE: Use ORM with parameter binding
User.objects.filter(username=username)
# SECURE: Use sqlalchemy with bound parameters
session.query(User).filter(User.username == username)
```
**Ark Context**:
- Check Python services: `services/ark-api/`, executor services
- Search for: `cursor.execute`, `db.query`, SQL string concatenation
- Verify all database queries use parameterized statements
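One way to automate the search described under Ark Context, as an added example that is not part of the Ark skill or repository: a small AST check that flags database calls whose SQL argument is built with an f-string, `%`, `+` or `.format()`. The sink names in `SINKS` and the sample source are assumptions constructed for illustration.

```python
import ast

# Constructed sample: the two vulnerable patterns and one safe call from this section.
SAMPLE = '''
def lookup(cursor, username, user_id):
    query = f"SELECT * FROM users WHERE username = '{username}'"
    cursor.execute(query)
    cursor.execute("SELECT * FROM users WHERE id = %s" % user_id)
    cursor.execute("SELECT * FROM users WHERE username = ?", (username,))
'''

# Assumed sink method names, taken from the search terms listed above.
SINKS = {"execute", "executemany", "query"}


def is_dynamic_sql(node):
    """True if the expression builds a string from runtime values."""
    if isinstance(node, ast.JoinedStr):  # f-string with at least one {placeholder}
        return any(isinstance(v, ast.FormattedValue) for v in node.values)
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Mod, ast.Add)):
        return True  # "..." % x  or  "..." + x
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
        return node.func.attr == "format"  # "...".format(x)
    return False


def find_unsafe_queries(source):
    """Return sorted line numbers of sink calls whose SQL text is built dynamically."""
    tree = ast.parse(source)
    # Pass 1: names ever assigned a dynamically built string (flow- and scope-insensitive).
    tainted = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and is_dynamic_sql(node.value):
            tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
    # Pass 2: sink calls whose first argument is dynamic or one of those names.
    findings = []
    for node in ast.walk(tree):
        if (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in SINKS and node.args):
            arg = node.args[0]
            if is_dynamic_sql(arg) or (isinstance(arg, ast.Name) and arg.id in tainted):
                findings.append(node.lineno)
    return sorted(findings)


if __name__ == "__main__":
    print(find_unsafe_queries(SAMPLE))
```

The check is a triage aid: it does not follow strings across function boundaries, so each hit still needs a manual review and a clean result does not prove every query is parameterized.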
---
### 2. Cross-Site Scripting (XSS)
**Description**: Attacker can inject malicious JavaScript into web pages viewed by other users.
**Types**:
- **Reflected XSS**: Malicious script in URL/request is reflected in response
- **Stored XSS**: Malicious script stored in database and displayed to users
- **DOM-based XSS**: Vulnerability exists in client-side JavaScript
**Detection Patterns**:
```javascript
// VULNERABLE: Direct innerHTML manipulation
element.innerHTML = userInput;
```