>_

api-security

1. Broken Object Level Authorization (BOLA) - API fails to validate user access to objects 2. Broken Authentication - Weak or missing authentication mechanisms 3. Broken Object Property Level Authorization - Missing field-level access control 4. Unrestricted Resource Consumption - No rate limiting or throttling 5. Broken Function Level Authorization - Missing authorization checks on endpoints 6. Unrestricted Access to Sensitive Business Flows - Automated abuse of legitimate workflows 7. Server Side Request Forgery (SSRF) - API accepts URLs without validation 8. Security Misconfiguration - Insecure default configs, verbose errors 9. Improper Inventory Management - Undocumented/deprecated APIs in production 10. Unsafe Consumption of APIs - Trusting third-party API data without validation

$ 安裝

git clone https://github.com/williamzujkowski/standards /tmp/standards && cp -r /tmp/standards/skills/security/api-security ~/.claude/skills/standards

// tip: Run this command in your terminal to install the skill

Repository

williamzujkowski
williamzujkowski
Author
williamzujkowski/standards/skills/security/api-security
11
Stars
0
Forks
Updated1w ago
Added1w ago

Actions

View on GitHubDownload ZIPReport Issue

Related Skills

skill-writer
pytorch/pytorch
95.4k
docstring
pytorch/pytorch
95.4k
at-dispatch-v2
pytorch/pytorch
95.4k
add-uint-support
pytorch/pytorch
95.4k
skill-creator
openai/codex
54.7k