api-security-testing — for Claude Code api-security-testing, ai-agent-foundation-template, community, for Claude Code, ide skills, api-fuzzing-bug-bounty, scanning-tools, broken-authentication, idor-testing, sql-injection-testing

v1.0.0
GitHub

Über diesen Skill

Geeigneter Einsatz: Ideal for AI agents that need api security testing workflow. Lokalisierte Zusammenfassung: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Funktionen

API Security Testing Workflow
When to Use This Workflow
Use this workflow when:
Testing REST API security
Assessing GraphQL endpoints

# Kernthemen

for Claude Code api-fuzzing-bug-bounty scanning-tools broken-authentication idor-testing sql-injection-testing
MMEHDI0606 MMEHDI0606
[2]
[0]
Aktualisiert: 4/23/2026

Skill Overview

Start with fit, limitations, and setup before diving into the repository.

Geeigneter Einsatz: Ideal for AI agents that need api security testing workflow. Lokalisierte Zusammenfassung: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Warum diese Fähigkeit verwenden

Empfehlung: api-security-testing helps agents api security testing workflow. API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication

Am besten geeignet für

Geeigneter Einsatz: Ideal for AI agents that need api security testing workflow.

Handlungsfähige Anwendungsfälle for api-security-testing

Anwendungsfall: Applying API Security Testing Workflow
Anwendungsfall: Applying When to Use This Workflow
Anwendungsfall: Applying Use this workflow when:

! Sicherheit & Einschränkungen

  • Einschraenkung: Requires repository-specific context from the skill documentation
  • Einschraenkung: Works best when the underlying tools and dependencies are already configured

About The Source

The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.

Labs-Demo

Browser Sandbox Environment

⚡️ Ready to unleash?

Experience this Agent in a zero-setup browser environment powered by WebContainers. No installation required.

Boot Container Sandbox

FAQ und Installationsschritte

These questions and steps mirror the structured data on this page for better search understanding.

? Häufige Fragen

Was ist api-security-testing?

Geeigneter Einsatz: Ideal for AI agents that need api security testing workflow. Lokalisierte Zusammenfassung: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Wie installiere ich api-security-testing?

Führen Sie den Befehl aus: npx killer-skills add MMEHDI0606/ai-agent-foundation-template/api-security-testing. Er funktioniert mit Cursor, Windsurf, VS Code, Claude Code und mehr als 19 weiteren IDEs.

Wofür kann ich api-security-testing verwenden?

Wichtige Einsatzbereiche sind: Anwendungsfall: Applying API Security Testing Workflow, Anwendungsfall: Applying When to Use This Workflow, Anwendungsfall: Applying Use this workflow when:.

Welche IDEs sind mit api-security-testing kompatibel?

Dieser Skill ist mit Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer kompatibel. Nutzen Sie die Killer-Skills CLI für eine einheitliche Installation.

Gibt es Einschränkungen bei api-security-testing?

Einschraenkung: Requires repository-specific context from the skill documentation. Einschraenkung: Works best when the underlying tools and dependencies are already configured.

So installieren Sie den Skill

  1. 1. Terminal öffnen

    Öffnen Sie Ihr Terminal oder die Kommandozeile im Projektverzeichnis.

  2. 2. Installationsbefehl ausführen

    Führen Sie aus: npx killer-skills add MMEHDI0606/ai-agent-foundation-template/api-security-testing. Die CLI erkennt Ihre IDE oder Ihren Agenten automatisch und richtet den Skill ein.

  3. 3. Skill verwenden

    Der Skill ist jetzt aktiv. Ihr KI-Agent kann api-security-testing sofort im aktuellen Projekt verwenden.

! Source Notes

This page is still useful for installation and source reference. Before using it, compare the fit, limitations, and upstream repository notes above.

Upstream Repository Material

The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.

Upstream Source

api-security-testing

Install api-security-testing, an AI agent skill for AI agent workflows and automation. Explore features, use cases, limitations, and setup guidance.

SKILL.md
Readonly
Upstream Repository Material
The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.
Upstream Source

API Security Testing Workflow

Overview

Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities.

When to Use This Workflow

Use this workflow when:

  • Testing REST API security
  • Assessing GraphQL endpoints
  • Validating API authentication
  • Testing API rate limiting
  • Bug bounty API testing

Workflow Phases

Phase 1: API Discovery

Skills to Invoke

  • api-fuzzing-bug-bounty - API fuzzing
  • scanning-tools - API scanning

Actions

  1. Enumerate endpoints
  2. Document API methods
  3. Identify parameters
  4. Map data flows
  5. Review documentation

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to discover API endpoints

Phase 2: Authentication Testing

Skills to Invoke

  • broken-authentication - Auth testing
  • api-security-best-practices - API auth

Actions

  1. Test API key validation
  2. Test JWT tokens
  3. Test OAuth2 flows
  4. Test token expiration
  5. Test refresh tokens

Copy-Paste Prompts

Use @broken-authentication to test API authentication

Phase 3: Authorization Testing

Skills to Invoke

  • idor-testing - IDOR testing

Actions

  1. Test object-level authorization
  2. Test function-level authorization
  3. Test role-based access
  4. Test privilege escalation
  5. Test multi-tenant isolation

Copy-Paste Prompts

Use @idor-testing to test API authorization

Phase 4: Input Validation

Skills to Invoke

  • api-fuzzing-bug-bounty - API fuzzing
  • sql-injection-testing - Injection testing

Actions

  1. Test parameter validation
  2. Test SQL injection
  3. Test NoSQL injection
  4. Test command injection
  5. Test XXE injection

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to fuzz API parameters

Phase 5: Rate Limiting

Skills to Invoke

  • api-security-best-practices - Rate limiting

Actions

  1. Test rate limit headers
  2. Test brute force protection
  3. Test resource exhaustion
  4. Test bypass techniques
  5. Document limitations

Copy-Paste Prompts

Use @api-security-best-practices to test rate limiting

Phase 6: GraphQL Testing

Skills to Invoke

  • api-fuzzing-bug-bounty - GraphQL fuzzing

Actions

  1. Test introspection
  2. Test query depth
  3. Test query complexity
  4. Test batch queries
  5. Test field suggestions

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to test GraphQL security

Phase 7: Error Handling

Skills to Invoke

  • api-security-best-practices - Error handling

Actions

  1. Test error messages
  2. Check information disclosure
  3. Test stack traces
  4. Verify logging
  5. Document findings

Copy-Paste Prompts

Use @api-security-best-practices to audit API error handling

API Security Checklist

  • Authentication working
  • Authorization enforced
  • Input validated
  • Rate limiting active
  • Errors sanitized
  • Logging enabled
  • CORS configured
  • HTTPS enforced

Quality Gates

  • All endpoints tested
  • Vulnerabilities documented
  • Remediation provided
  • Report generated
  • security-audit - Security auditing
  • web-security-testing - Web security
  • api-development - API development

Limitations

  • Use this skill only when the task clearly matches the scope described above.
  • Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
  • Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.

Verwandte Fähigkeiten

Looking for an alternative to api-security-testing or another community skill for your workflow? Explore these related open-source skills.

Alle anzeigen

openclaw-release-maintainer

Logo of openclaw
openclaw

Lokalisierte Zusammenfassung: 🦞 # OpenClaw Release Maintainer Use this skill for release and publish-time workflow. It covers ai, assistant, crustacean workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

333.8k
0
Künstliche Intelligenz

widget-generator

Logo of f
f

Lokalisierte Zusammenfassung: Generate customizable widget plugins for the prompts.chat feed system # Widget Generator Skill This skill guides creation of widget plugins for prompts.chat . It covers ai, artificial-intelligence, awesome-list workflows. This AI agent skill supports Claude Code

149.6k
0
Künstliche Intelligenz

flags

Logo of vercel
vercel

Lokalisierte Zusammenfassung: The React Framework # Feature Flags Use this skill when adding or changing framework feature flags in Next.js internals. It covers blog, browser, compiler workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

138.4k
0
Browser

pr-review

Logo of pytorch
pytorch

Lokalisierte Zusammenfassung: Usage Modes No Argument If the user invokes /pr-review with no arguments, do not perform a review . It covers autograd, deep-learning, gpu workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

98.6k
0
Entwickler