api-security-testing

API security testing workflow for REST and GraphQL APIs covering authentication, authorization, rate limiting, input validation, and security best practices.

1.10x

Quality

26%

Does it follow best practices?

Impact

96%

1.10x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/api-security-testing/SKILL.md

Evaluation results

89%

Payment API Security Assessment Plan

Multi-phase security workflow structure

Criteria

Without context

With context

7 phases present

46%

53%

Phase 1 discovery actions

100%

Phase 2 auth actions

60%

Phase 3 authorization actions

100%

Phase 4 injection types

50%

100%

Phase 5 rate limit actions

100%

Phase 7 error handling actions

80%

100%

Security checklist items

100%

Quality gate: remediation

100%

Quality gate: report

100%

17%

GraphQL API Security Review for HealthTrack Platform

GraphQL security testing phases

Criteria

Without context

With context

Introspection testing

100%

Query depth testing

100%

Query complexity testing

100%

Batch query testing

100%

Field suggestion testing

100%

Error message testing

100%

Information disclosure check

100%

Logging verification

30%

100%

Security checklist coverage

100%

Quality gate: report and remediation

100%

API Security Vulnerability Assessment: ShopCore E-Commerce Backend

Auth/authorization vulnerability documentation

Criteria

Without context

With context

JWT expiration finding

100%

Hardcoded secret finding

100%

OAuth2/token validation coverage

85%

100%

Object-level authorization finding

100%

Privilege escalation finding

100%

Unauthorized admin access finding

100%

SQL injection finding

100%

Information disclosure finding

100%

Quality gate: remediation provided

100%

Quality gate: report structure

100%

Repository: sickn33/antigravity-awesome-skills
Commit: 7241463

Evaluated: 29 days ago
Agent: Claude Code
Model: Claude Sonnet 4.6

Table of Contents

Payment API Security Assessment Plan GraphQL API Security Review for HealthTrack Platform API Security Vulnerability Assessment: ShopCore E-Commerce Backend

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.