SKILL: Cross-Site Scripting (XSS) — Expert Attack Playbook AI LOAD INSTRUCTION : This skill covers non-obvious XSS techniques, context-specific payload selection, WAF bypass, CSP bypass, and post-exploitation. Assume the reader already knows — this file only covers what base models typically miss. For real-world CVE cases, HttpOnly bypass strategies, XS-Leaks side channels, and session fixation attacks, load the companion SCENARIOS.md. 0. RELATED ROUTING Extended Scenarios Also load SCENARIOS.md when you need: - Django debug page XSS (CVE-2017-12794) — duplicate key error → unescaped exceptio…