This repository is an authorized proof-of-concept for a stored XSS in Hack Club's
workshops external-preview route, created for parth@hackclub.com.
It MUST be named hackclub because the vulnerable code hardcodes
repo = owner + '/hackclub', so the live demo only works at
https://workshops.hackclub.com/external-preview/nystar1/main/poc.
Payload (workshops/poc/README.md) is benign: it only sets window markers and
changes the page title. Not affiliated with Hack Club's real repositories.