insecure-deserialization-checker

Quick Review

The skill has clear structure and addresses a legitimate security concern (insecure deserialization detection), but severely lacks specific implementation details. The description is too generic - it doesn't explain what insecure deserialization vulnerabilities look like, which languages/frameworks are supported, what patterns to detect (Java serialization, Python pickle, Node.js eval, etc.), or what analysis techniques are used. The 'Capabilities' section contains only boilerplate text without concrete task knowledge about detection methodologies, code patterns to identify, or specific outputs. A CLI agent would struggle to actually perform deserialization checks based solely on this documentation. To improve: add specific vulnerability patterns, supported languages/serialization libraries, detection algorithms, example vulnerable code snippets, and concrete remediation guidance.