·insecure-temp-files-anti-pattern
!

insecure-temp-files-anti-pattern

igbuend/grimbardGitHub: igbuend/grimbardSource: igbuend/grimbard

Security anti-pattern for insecure temporary files (CWE-377). Use when generating or reviewing code that creates temporary files, handles file caching, or processes uploads through temp storage. Detects predictable paths, insecure permissions, and missing cleanup.

cached·igbuend·insecure·temp·files·anti·pattern
0Installs·0Trend·@igbuend

Installation

GitHub: igbuend/grimbard
$npx skills add https://github.com/igbuend/grimbard --skill insecure-temp-files-anti-pattern

How to Install insecure-temp-files-anti-pattern

Quickly install insecure-temp-files-anti-pattern AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/igbuend/grimbard --skill insecure-temp-files-anti-pattern
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: igbuend/grimbard.

SKILL.md

View raw

Insecure temporary file creation exposes three attack vectors: predictable file names enabling symlink attacks, insecure permissions allowing unauthorized access, and missing cleanup leaving sensitive data on disk. Attackers exploit these to read sensitive data, inject malicious content, or cause denial of service. AI-generated code frequently suggests simplistic file handling vulnerable to these attacks.

Never create temporary files without securing their location, naming, permissions, and lifecycle management.

Using a predictable name for a temporary file creates a race condition. An attacker can guess the file name and create a symbolic link (symlink) at that location pointing to a sensitive system file. When the application writes to its "temporary" file, it is actually overwriting the linked file.

Security anti-pattern for insecure temporary files (CWE-377). Use when generating or reviewing code that creates temporary files, handles file caching, or processes uploads through temp storage. Detects predictable paths, insecure permissions, and missing cleanup. Source: igbuend/grimbard.

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/igbuend/grimbard --skill insecure-temp-files-anti-pattern
Source
igbuend/grimbard
Category
!Security
Verified
First Seen
2026-03-13
Updated
2026-03-13
URL
https://www.learn-skills.dev/en/skills/igbuend/grimbard/insecure-temp-files-anti-pattern

Browse more skills from igbuend/grimbard

Quick answers

What is insecure-temp-files-anti-pattern?

Security anti-pattern for insecure temporary files (CWE-377). Use when generating or reviewing code that creates temporary files, handles file caching, or processes uploads through temp storage. Detects predictable paths, insecure permissions, and missing cleanup. Source: igbuend/grimbard.

How do I install insecure-temp-files-anti-pattern?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/igbuend/grimbard --skill insecure-temp-files-anti-pattern Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/igbuend/grimbard

Details

Category
!Security
Source
user
First Seen
2026-03-13

Related Skills

tikz
17 Installs
ethical-hacking-ethics
6 Installs
insufficient-randomness-anti-pattern
6 Installs
pgfplots
6 Installs
biblatex
5 Installs
weak-encryption-anti-pattern
5 Installs