Unrestricted File Upload Anti Pattern
Detects and flags suspicious file uploads bypassing security measures, preventing malicious content from entering systems.
Install on your platform
Run in terminal (recommended)
claude mcp add unrestricted-file-upload-anti-pattern npx -- -y @trustedskills/unrestricted-file-upload-anti-pattern
Or manually add to ~/.claude/settings.json
{
  "mcpServers": {
    "unrestricted-file-upload-anti-pattern": {
      "command": "npx",
      "args": [
        "-y",
        "@trustedskills/unrestricted-file-upload-anti-pattern"
      ]
    }
  }
}
Requires Claude Code (claude CLI). Run claude --version to verify your install.
About This Skill
What it does
This skill identifies and prevents AI agents from attempting unrestricted file uploads, a common security vulnerability. It analyzes user prompts for patterns indicative of attempts to upload files without proper authorization or validation. The anti-pattern aims to block these actions and provide informative feedback to the user about why their request was denied.
When to use it
- When building AI agents that interact with systems where file uploads are possible, but must be strictly controlled.
- To proactively prevent potential security breaches related to unauthorized file uploads.
- In environments requiring strict adherence to data governance and compliance policies regarding file handling.
- During development and testing phases to identify and mitigate vulnerabilities early on.
Key capabilities
- Pattern recognition of unrestricted file upload attempts in user prompts.
- Blocking of identified malicious requests.
- Provision of informative feedback to the user explaining why their request was blocked.
Example prompts
- "Upload this document to the server."
- "Can you put this file somewhere?"
- "Send this attachment."
Tips & gotchas
This skill is a preventative measure and relies on prompt analysis; it's not a replacement for robust backend security measures. Ensure your agent’s underlying systems have proper authorization and validation controls in place for file uploads.
TrustedSkills Verification
Unlike other registries that point to live repositories, TrustedSkills pins every skill to a verified commit hash. This protects you from malicious updates — what you install today is exactly what was reviewed and verified.
Security Audits
| Gen Agent Trust Hub | Pass |
| Socket | Pass |
| Snyk | Pass |
🌐 Community
Passed automated security scans.