Claude-skill-registry detecting-information-disclosure
Detects information disclosure vulnerabilities including sensitive data in logs, error message exposure, and memory leaks. Use when analyzing logging practices, error handling, or investigating data leakage issues.
install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/detecting-information-disclosure" ~/.claude/skills/majiayu000-claude-skill-registry-detecting-information-disclosure && rm -rf "$T"
manifest:
skills/data/detecting-information-disclosure/SKILL.md
source content
Information Disclosure Detection
Detection Workflow
- Identify sensitive data flows: Find where sensitive data is handled, trace it through the application, identify all output points
- Check logging practices: Analyze log statements, check error messages, review debug output
- Assess exposure points: Identify all user-facing output, check external API responses, review file system artifacts
- Evaluate impact: What information is disclosed? How sensitive is it? Who can access it?
Key Patterns
- Sensitive data in logs: passwords, keys, stack traces in production logs
- Error message disclosure: detailed errors revealing system info, paths, database queries
- Memory disclosure: uninitialized memory reads, out-of-bounds reads, format string leaks
- Storage disclosure: plaintext storage, weak encryption, insecure file permissions
Output Format
Report with: id, type, subtype, severity, confidence, location, sensitive data type, disclosure point, vulnerability description, exposure scope, risk, mitigation.
Severity Guidelines
- CRITICAL: Disclosure of cryptographic keys or passwords
- HIGH: Disclosure of sensitive user data
- MEDIUM: Disclosure of system information
- LOW: Disclosure of minor debug information
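The "sensitive data in logs" and "error message disclosure" patterns, checked over a few log lines and reported with a subset of the report fields and the severity levels above. This is an added example, not code from the skill or its repository; the rule set, subtype names, the INFO-DISC id scheme, the app.log source name and the sample lines are all assumptions made for illustration.

```python
import re

# Constructed sample log lines, not taken from any real system.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z INFO login ok user=alice
2024-01-01T10:00:01Z DEBUG auth request user=bob password=hunter2-example
2024-01-01T10:00:02Z ERROR signer failed -----BEGIN RSA PRIVATE KEY-----
2024-01-01T10:00:03Z ERROR query failed: SELECT * FROM users WHERE id=7
2024-01-01T10:00:04Z ERROR Traceback (most recent call last):
2024-01-01T10:00:05Z DEBUG cache warm took 12ms
2024-01-01T10:00:06Z INFO reset mail sent to carol@example.com
"""

# Hypothetical rules: (subtype, sensitive data type, severity, regex).
# Severity follows the guidelines: keys/passwords CRITICAL, user data HIGH,
# system information (queries, stack traces) MEDIUM.
RULES = [
    ("credential_in_log", "password", "CRITICAL", re.compile(r"\b(?:password|passwd|pwd)\s*[=:]\s*\S+", re.I)),
    ("key_in_log", "cryptographic key", "CRITICAL", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
    ("user_data_in_log", "user email address", "HIGH", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("query_in_error", "database query", "MEDIUM", re.compile(r"\b(?:SELECT|INSERT|UPDATE|DELETE)\b.+\b(?:FROM|INTO|SET)\b")),
    ("stack_trace", "stack trace", "MEDIUM", re.compile(r"Traceback \(most recent call last\)")),
]

def scan_log(text, source="app.log"):
    """Return one finding per rule hit; the matched value is never copied into the report."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for subtype, data_type, severity, pattern in RULES:
            m = pattern.search(line)
            if not m:
                continue
            findings.append({
                "id": f"INFO-DISC-{len(findings) + 1:03d}",
                "type": "information_disclosure",
                "subtype": subtype,
                "severity": severity,
                "location": f"{source}:{lineno}",
                "sensitive_data_type": data_type,
                "disclosure_point": "log output",
                # Redact the match so the report does not become a second leak.
                "evidence": line[:m.start()] + "[REDACTED]" + line[m.end():],
            })
    return findings

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Regex hits like these are candidates only: the remaining report fields (confidence, exposure scope, risk, mitigation) still need a reviewer who knows who can read the log.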
See Also
- Detailed detection patterns and exploitation scenarios: patterns.md
- Example analysis cases and code samples: examples.md
- CWE references and mitigation strategies: references.md