api-security-testing — for Claude Code api-security-testing, ai-agent-foundation-template, community, for Claude Code, ide skills, api-fuzzing-bug-bounty, scanning-tools, broken-authentication, idor-testing, sql-injection-testing

v1.0.0
GitHub

Об этом навыке

Подходящий сценарий: Ideal for AI agents that need api security testing workflow. Локализованное описание: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Возможности

API Security Testing Workflow
When to Use This Workflow
Use this workflow when:
Testing REST API security
Assessing GraphQL endpoints

# Ключевые темы

for Claude Code api-fuzzing-bug-bounty scanning-tools broken-authentication idor-testing sql-injection-testing
MMEHDI0606 MMEHDI0606
[2]
[0]
Обновлено: 4/23/2026

Skill Overview

Start with fit, limitations, and setup before diving into the repository.

Подходящий сценарий: Ideal for AI agents that need api security testing workflow. Локализованное описание: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Зачем использовать этот навык

Рекомендация: api-security-testing helps agents api security testing workflow. API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication

Подходит лучше всего

Подходящий сценарий: Ideal for AI agents that need api security testing workflow.

Реализуемые кейсы использования for api-security-testing

Сценарий использования: Applying API Security Testing Workflow
Сценарий использования: Applying When to Use This Workflow
Сценарий использования: Applying Use this workflow when:

! Безопасность и ограничения

  • Ограничение: Requires repository-specific context from the skill documentation
  • Ограничение: Works best when the underlying tools and dependencies are already configured

About The Source

The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.

Labs-демо

Browser Sandbox Environment

⚡️ Ready to unleash?

Experience this Agent in a zero-setup browser environment powered by WebContainers. No installation required.

Boot Container Sandbox

FAQ и шаги установки

These questions and steps mirror the structured data on this page for better search understanding.

? Частые вопросы

Что такое api-security-testing?

Подходящий сценарий: Ideal for AI agents that need api security testing workflow. Локализованное описание: # API Security Testing Workflow Overview Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities. This AI agent skill supports Claude Code, Cursor, and

Как установить api-security-testing?

Выполните команду: npx killer-skills add MMEHDI0606/ai-agent-foundation-template/api-security-testing. Она работает с Cursor, Windsurf, VS Code, Claude Code и более чем 19 другими IDE.

Для чего можно использовать api-security-testing?

Ключевые сценарии использования: Сценарий использования: Applying API Security Testing Workflow, Сценарий использования: Applying When to Use This Workflow, Сценарий использования: Applying Use this workflow when:.

Какие IDE совместимы с api-security-testing?

Этот навык совместим с Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Для единой установки используйте CLI Killer-Skills.

Есть ли ограничения у api-security-testing?

Ограничение: Requires repository-specific context from the skill documentation. Ограничение: Works best when the underlying tools and dependencies are already configured.

Как установить этот skill

  1. 1. Откройте терминал

    Откройте терминал или командную строку в директории проекта.

  2. 2. Запустите команду установки

    Выполните: npx killer-skills add MMEHDI0606/ai-agent-foundation-template/api-security-testing. CLI автоматически определит вашу IDE или агента и настроит навык.

  3. 3. Начните использовать skill

    Skill уже активен. Ваш AI-агент может сразу использовать api-security-testing в текущем проекте.

! Source Notes

This page is still useful for installation and source reference. Before using it, compare the fit, limitations, and upstream repository notes above.

Upstream Repository Material

The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.

Upstream Source

api-security-testing

Install api-security-testing, an AI agent skill for AI agent workflows and automation. Explore features, use cases, limitations, and setup guidance.

SKILL.md
Readonly
Upstream Repository Material
The section below comes from the upstream repository. Use it as supporting material alongside the fit, use-case, and installation summary on this page.
Upstream Source

API Security Testing Workflow

Overview

Specialized workflow for testing REST and GraphQL API security including authentication, authorization, rate limiting, input validation, and API-specific vulnerabilities.

When to Use This Workflow

Use this workflow when:

  • Testing REST API security
  • Assessing GraphQL endpoints
  • Validating API authentication
  • Testing API rate limiting
  • Bug bounty API testing

Workflow Phases

Phase 1: API Discovery

Skills to Invoke

  • api-fuzzing-bug-bounty - API fuzzing
  • scanning-tools - API scanning

Actions

  1. Enumerate endpoints
  2. Document API methods
  3. Identify parameters
  4. Map data flows
  5. Review documentation

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to discover API endpoints

Phase 2: Authentication Testing

Skills to Invoke

  • broken-authentication - Auth testing
  • api-security-best-practices - API auth

Actions

  1. Test API key validation
  2. Test JWT tokens
  3. Test OAuth2 flows
  4. Test token expiration
  5. Test refresh tokens

Copy-Paste Prompts

Use @broken-authentication to test API authentication

Phase 3: Authorization Testing

Skills to Invoke

  • idor-testing - IDOR testing

Actions

  1. Test object-level authorization
  2. Test function-level authorization
  3. Test role-based access
  4. Test privilege escalation
  5. Test multi-tenant isolation

Copy-Paste Prompts

Use @idor-testing to test API authorization

Phase 4: Input Validation

Skills to Invoke

  • api-fuzzing-bug-bounty - API fuzzing
  • sql-injection-testing - Injection testing

Actions

  1. Test parameter validation
  2. Test SQL injection
  3. Test NoSQL injection
  4. Test command injection
  5. Test XXE injection

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to fuzz API parameters

Phase 5: Rate Limiting

Skills to Invoke

  • api-security-best-practices - Rate limiting

Actions

  1. Test rate limit headers
  2. Test brute force protection
  3. Test resource exhaustion
  4. Test bypass techniques
  5. Document limitations

Copy-Paste Prompts

Use @api-security-best-practices to test rate limiting

Phase 6: GraphQL Testing

Skills to Invoke

  • api-fuzzing-bug-bounty - GraphQL fuzzing

Actions

  1. Test introspection
  2. Test query depth
  3. Test query complexity
  4. Test batch queries
  5. Test field suggestions

Copy-Paste Prompts

Use @api-fuzzing-bug-bounty to test GraphQL security

Phase 7: Error Handling

Skills to Invoke

  • api-security-best-practices - Error handling

Actions

  1. Test error messages
  2. Check information disclosure
  3. Test stack traces
  4. Verify logging
  5. Document findings

Copy-Paste Prompts

Use @api-security-best-practices to audit API error handling

API Security Checklist

  • Authentication working
  • Authorization enforced
  • Input validated
  • Rate limiting active
  • Errors sanitized
  • Logging enabled
  • CORS configured
  • HTTPS enforced

Quality Gates

  • All endpoints tested
  • Vulnerabilities documented
  • Remediation provided
  • Report generated
  • security-audit - Security auditing
  • web-security-testing - Web security
  • api-development - API development

Limitations

  • Use this skill only when the task clearly matches the scope described above.
  • Do not treat the output as a substitute for environment-specific validation, testing, or expert review.
  • Stop and ask for clarification if required inputs, permissions, safety boundaries, or success criteria are missing.

Связанные навыки

Looking for an alternative to api-security-testing or another community skill for your workflow? Explore these related open-source skills.

Показать все

openclaw-release-maintainer

Logo of openclaw
openclaw

Локализованное описание: 🦞 # OpenClaw Release Maintainer Use this skill for release and publish-time workflow. It covers ai, assistant, crustacean workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

333.8k
0
Искусственный интеллект

widget-generator

Logo of f
f

Локализованное описание: Generate customizable widget plugins for the prompts.chat feed system # Widget Generator Skill This skill guides creation of widget plugins for prompts.chat . It covers ai, artificial-intelligence, awesome-list workflows. This AI agent skill supports Claude Code, Cursor

149.6k
0
Искусственный интеллект

flags

Logo of vercel
vercel

Локализованное описание: The React Framework # Feature Flags Use this skill when adding or changing framework feature flags in Next.js internals. It covers blog, browser, compiler workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

138.4k
0
Браузер

pr-review

Logo of pytorch
pytorch

Локализованное описание: Usage Modes No Argument If the user invokes /pr-review with no arguments, do not perform a review . It covers autograd, deep-learning, gpu workflows. This AI agent skill supports Claude Code, Cursor, and Windsurf workflows.

98.6k
0
Разработчик