access-control-audit
Access Control Audit (OWASP A05)
Detect and fix broken access control vulnerabilities including IDOR, privilege escalation, and missing authorization checks.
When to Use
- Implementing authorization logic
- Auditing API endpoint permissions
- Reviewing admin functionality
- Checking resource ownership
- Implementing role-based access
- Preventing privilege escalation
Common Vulnerabilities
| Vulnerability | Risk | Example |
|---|---|---|
| IDOR | HIGH | /api/users/123 accessible by any user |
| Missing Auth Check | CRITICAL | Admin endpoints without verification |
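
The two rows above, as an added Python example that is not part of the original skill: an IDOR-prone handler beside its ownership-checked form, and an audit that flags admin routes registered without a role check. The `User` model, role names, handler names, route table and sample profiles are all assumptions made for illustration.

```python
from dataclasses import dataclass

class Forbidden(Exception):
    """Would map to HTTP 403 in a web framework."""

@dataclass(frozen=True)
class User:
    id: int
    role: str  # "user" or "admin" (assumed role names)

# Constructed sample data standing in for a user table.
PROFILES = {123: {"email": "alice@example.test"}, 456: {"email": "bob@example.test"}}

def get_user_vulnerable(current: User, user_id: int) -> dict:
    # IDOR: the id from the URL is trusted; the caller's identity is never compared.
    return PROFILES[user_id]

def get_user(current: User, user_id: int) -> dict:
    # Ownership check runs before the lookup, so a denied caller learns nothing more.
    if current.id != user_id and current.role != "admin":
        raise Forbidden(f"user {current.id} may not read user {user_id}")
    return PROFILES[user_id]

def require_role(role: str):
    """Decorator that enforces a role and tags the handler so audits can see it."""
    def decorate(handler):
        def guarded(current: User, *args, **kwargs):
            if current.role != role:
                raise Forbidden(f"{handler.__name__} requires role {role!r}")
            return handler(current, *args, **kwargs)
        guarded.required_role = role
        return guarded
    return decorate

@require_role("admin")
def admin_delete_user(current: User, user_id: int) -> bool:
    return PROFILES.pop(user_id, None) is not None

def admin_list_users(current: User) -> list:
    # Missing auth check: an admin route with no role verification.
    return sorted(PROFILES)

# Hypothetical route table; only the /admin/ prefix convention is assumed.
ROUTES = {"/admin/users/delete": admin_delete_user, "/admin/users": admin_list_users}

def audit_admin_routes(routes: dict) -> list:
    """Return admin paths whose handler carries no admin role requirement."""
    return sorted(p for p, h in routes.items() if p.startswith("/admin/")
                  and getattr(h, "required_role", None) != "admin")
```

Running `audit_admin_routes(ROUTES)` in CI turns a forgotten check on a new admin endpoint into a failing build rather than a finding in a later review.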