api-security
Installation
SKILL.md
API Security
Test and audit API endpoints for common security vulnerabilities.
Authentication Testing
Test for broken authentication
# Test endpoint without auth (should return 401)
curl -s -o /dev/null -w "%{http_code}" https://api.example.com/protected
# Test with expired token
curl -s -o /dev/null -w "%{http_code}" -H "Authorization: Bearer expired.token.here" https://api.example.com/protected
# Test with empty auth header
curl -s -o /dev/null -w "%{http_code}" -H "Authorization: " https://api.example.com/protected