api-security

Installation

SKILL.md

API Security

Test API endpoints for security vulnerabilities across REST, GraphQL, WebSocket, and LLM-integrated APIs.

Techniques

Type	Key Vectors
GraphQL	Introspection, batching attacks, nested query DoS, field suggestion
REST API	BOLA/IDOR, mass assignment, rate limiting, auth bypass, versioning
WebSocket	Cross-site hijacking, message manipulation, auth flaws
Web-LLM	Prompt injection via API, excessive agency, data exfiltration

Workflow

Discover API endpoints and documentation (Swagger, GraphQL schema)
Map authentication and authorization mechanisms
Test per API type using appropriate techniques
Validate data exposure and access control flaws

Related skills

More from transilienceai/communitytools

hackerone
HackerOne bug bounty automation - parses scope CSVs, deploys parallel pentesting agents per asset, validates PoCs, and generates platform-ready submission reports.
58
reconnaissance
Domain assessment and web application mapping - subdomain discovery, port scanning, endpoint enumeration, API discovery, and attack surface analysis.
46
social-engineering
Social engineering testing - phishing, pretexting, vishing, and physical security assessment techniques.
44
ai-threat-testing
Offensive AI security testing and exploitation framework. Systematically tests LLM applications for OWASP Top 10 vulnerabilities including prompt injection, model extraction, data poisoning, and supply chain attacks. Integrates with pentest workflows to discover and exploit AI-specific threats.
43
osint
Open-source intelligence gathering - company repository enumeration, secret scanning, git history analysis, employee footprint, and code exposure discovery.
42
source-code-scanning
Security-focused source code review and SAST. Scans for vulnerabilities (OWASP Top 10, CWE Top 25), CVEs in third-party dependencies/packages, hardcoded secrets, malicious code, and insecure patterns. Use when given source code, a repo path, or asked to "audit", "scan", "review" code security, or "check dependencies for CVEs".
41

Installs

36

Repository

transilienceai/…itytools

GitHub Stars

258

First Seen

Mar 21, 2026

Security Audits

Gen Agent Trust HubFail