exploiting-mass-assignment-in-rest-apis
Warn
Audited by Socket on Apr 9, 2026
1 alert found:
SecuritySecuritySKILL.md
MEDIUMSecurityMEDIUM
SKILL.md
SUSPICIOUS: the skill is internally consistent, but its purpose is offensive security and it gives an AI agent concrete exploitation steps against REST APIs, including authenticated privilege escalation and business-logic abuse. Tool references are mostly legitimate, yet the operational footprint is still high-risk because it enables real-world attacks rather than benign documentation or defensive validation alone.
Confidence: 93%Severity: 88%
Audit Metadata