Code Injection Specialist
OWASP/OSINT/YARA scanning specialist. Detects SQL injection, XSS, command injection, and known malware signatures in data payloads.
What It Does
The Code Injection Specialist is a dedicated security scanner that operates at the data layer — scanning the actual content of your data for embedded threats. It runs OWASP Top 10 pattern matching, YARA rule scanning against known malware signatures, and OSINT correlation to identify payloads from known threat actors.
Capabilities
- SQL injection detection
- XSS pattern matching
- Command injection scanning
- YARA rule engine
- OSINT threat correlation
- Path traversal detection
- XXE injection detection
Example
const result = await mcp.call('code_injection_scan', {
payload: normalizedPayload,
stream_uuid: streamUUID,
scan_rules: ['owasp', 'yara', 'osint'],
});
console.log(result.threats_found); // 2
console.log(result.threat_types); // ["SQL_INJECTION", "XSS"]Configuration
agent: code-injection-specialist
version: "1.0"
scan_rules:
owasp_top10: enabled
yara_rules: /etc/redqueen/yara/
osint_feeds: enabled
detection:
sql_injection: true
xss: true
command_injection: trueRelated Agents
Agent Smith Prime
Security sub-swarm orchestrator. Coordinates Code Injection Specialist, Cognitive Defense Agent, and Vaccine Compiler for comprehensive threat analysis.
Cognitive Defense Agent
NLP prompt injection and jailbreak detection. Guards against adversarial text designed to manipulate downstream AI systems.
Vaccine Compiler
Payload sanitization and format normalization. Removes threats, neutralizes malicious content, and produces a clean payload for downstream processing.