sast-missingauth
Missing Authentication & Broken Function-Level Authorization Detection
You are performing a focused security assessment to find missing authentication and broken function-level authorization vulnerabilities in a codebase. This skill uses a three-phase approach with subagents: recon (map endpoints and the permission system), batched verify (check authentication and authorization in parallel batches of 3 endpoints each), and merge (consolidate batch results into the final report).
Prerequisites: sast/architecture.md must exist. Run the analysis skill first if it doesn't.
What This Skill Covers
Missing Authentication
An endpoint performs a sensitive action but requires no login at all — any anonymous HTTP request can trigger it.
Broken Function-Level Authorization
An endpoint requires authentication (user must be logged in) but does not check whether the authenticated user has the required role or permission to invoke that function. The classic example: a regular user calling an admin-only API.
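As an added illustration (not part of this skill's own files), the following Python sketch shows the two classes side by side in a constructed Flask-style source string and a minimal AST check that tells them apart the way the verify phase must: "is there any login guard at all?" versus "is there a role/permission guard on a sensitive function?". The handler names, the `login_required` / `require_role` decorator names, the `app.route` convention, the `/admin` prefix heuristic and the `/health` allowlist are all assumptions made up for the example.

```python
"""Toy static check for missing authentication vs broken function-level authz.

Constructed example. Decorator names, the app.route convention, the /admin
prefix heuristic and the allowlist are assumptions, not the skill's own rules.
"""
import ast
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample application source. Four handlers:
#   delete_user     -> no authentication decorator at all  (missing authentication)
#   list_users      -> login_required only, no role check  (broken function-level authz)
#   update_settings -> login_required + require_role       (properly protected)
#   health          -> intentionally public, allowlisted
SAMPLE_SOURCE = '''
@app.route("/admin/users/<int:uid>/delete", methods=["POST"])
def delete_user(uid):
    db.delete(uid)
    return "", 204

@app.route("/admin/users")
@login_required
def list_users():
    return jsonify(db.all_users())

@app.route("/admin/settings", methods=["PUT"])
@login_required
@require_role("admin")
def update_settings():
    db.save_settings(request.json)
    return "", 204

@app.route("/health")
def health():
    return "ok"
'''

AUTH_DECORATORS = {"login_required"}   # assumed: "caller must be logged in"
ROLE_DECORATORS = {"require_role"}     # assumed: "caller must hold a given role"
SENSITIVE_PREFIXES = ("/admin",)       # assumed: paths whose functions need a role check
ALLOWLIST = {"/health"}                # endpoints that are public by design


@dataclass
class Finding:
    handler: str
    path: str
    issue: str  # "MISSING_AUTH", "BROKEN_FUNCTION_AUTHZ" or "OK"


def _decorator_name(dec: ast.expr) -> str:
    """Bare name of a decorator in any of the forms @x, @x(...), @obj.x, @obj.x(...)."""
    if isinstance(dec, ast.Call):
        dec = dec.func
    if isinstance(dec, ast.Attribute):
        return dec.attr
    if isinstance(dec, ast.Name):
        return dec.id
    return ""


def _route_path(func: ast.FunctionDef) -> Optional[str]:
    """Return the path from an @app.route("<path>", ...) decorator, or None."""
    for dec in func.decorator_list:
        if isinstance(dec, ast.Call) and _decorator_name(dec) == "route" and dec.args:
            first = dec.args[0]
            if isinstance(first, ast.Constant) and isinstance(first.value, str):
                return first.value
    return None


def scan(source: str) -> List[Finding]:
    """Classify every routed handler in `source` by the guards it carries."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.FunctionDef):
            continue
        path = _route_path(node)
        if path is None:
            continue  # not an HTTP endpoint
        names = {_decorator_name(d) for d in node.decorator_list}
        if path in ALLOWLIST:
            issue = "OK"
        elif not names & AUTH_DECORATORS:
            issue = "MISSING_AUTH"            # anonymous requests reach it
        elif path.startswith(SENSITIVE_PREFIXES) and not names & ROLE_DECORATORS:
            issue = "BROKEN_FUNCTION_AUTHZ"   # any logged-in user reaches an admin function
        else:
            issue = "OK"
        findings.append(Finding(node.name, path, issue))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_SOURCE):
        print(f"{f.issue:22} {f.handler:16} {f.path}")
```

The two branches map directly onto the two definitions above: the first fires when no login guard is present at all, the second only when a login guard is present but nothing constrains the role on a function the assessment has classified as sensitive. A real codebase needs the recon phase to supply the actual guard names and the actual list of sensitive functions; the prefix heuristic here is only a stand-in for that map, and an allowlist of deliberately public endpoints keeps health checks and login pages out of the findings.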
What This Skill Is NOT
Do not conflate with: