Prompt:
"For the HTTP POST this form would request, write pure javascript that would make the same POST request and don't add anything extra like logging or errors:
<insert CSRF PoC from Burp>"
2. Exploit CSRF w/ XSS Payload
Prompt:
"Now add it as the javascript for the onerror event of an img tag with the source equal to something short"