scanning-api-security | api-security-scanner | ClaudePluginHub

Skill

Community

scanning-api-security

From api-security-scanner

847

Description

Detect API security vulnerabilities including injection, broken auth, and data exposure. Use when scanning APIs for security vulnerabilities. Trigger with phrases like "scan API security", "check for vulnerabilities", or "audit API security".

Install

1

Add the repository(one-time)

$

/plugin marketplace add jeremylongshore/claude-code-plugins-plus

2

Install the plugin

$

/plugin install api-security-scanner@claude-code-plugins-plus

Tool Access

This skill is limited to using the following tools:

ReadWriteEditGrepGlobBash(api:security-*)

Skill Content

Scanning Api Security

Overview

This skill provides automated assistance for api security scanner tasks. This skill provides automated assistance for the described functionality.

Prerequisites

Before using this skill, ensure you have:

API design specifications or requirements documented
Development environment with necessary frameworks installed
Database or backend services accessible for integration
Authentication and authorization strategies defined
Testing tools and environments configured

Instructions

Use Read tool to examine existing API specifications from {baseDir}/api-specs/
Define resource models, endpoints, and HTTP methods
Document request/response schemas and data types
Identify authentication and authorization requirements
Plan error handling and validation strategies
Generate boilerplate code using Bash(api:security-*) with framework scaffolding
Implement endpoint handlers with business logic
Add input validation and schema enforcement
Integrate authentication and authorization middleware
Configure database connections and ORM models
Write integration tests covering all endpoints

See {baseDir}/references/implementation.md for detailed implementation guide.

Output

{baseDir}/src/routes/ - Endpoint route definitions
{baseDir}/src/controllers/ - Business logic handlers
{baseDir}/src/models/ - Data models and schemas
{baseDir}/src/middleware/ - Authentication, validation, logging
{baseDir}/src/config/ - Configuration and environment variables
OpenAPI 3.0 specification with complete endpoint definitions

Error Handling

See {baseDir}/references/errors.md for comprehensive error handling.

Examples

See {baseDir}/references/examples.md for detailed examples.

Resources

Express.js and Fastify for Node.js APIs
Flask and FastAPI for Python APIs
Spring Boot for Java APIs
Gin and Echo for Go APIs
OpenAPI Specification 3.0+ for API documentation

Links

GitHub Stats

0 forks

Updated 3 days ago

Similar Skills

auth-implementation-patterns

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

developer-essentials

24.7k

bazel-build-optimization

Optimize Bazel builds for large-scale monorepos. Use when configuring Bazel, implementing remote execution, or optimizing build performance for enterprise codebases.

developer-essentials

24.7k

code-review-excellence

Master effective code review practices to provide constructive feedback, catch bugs early, and foster knowledge sharing while maintaining team morale. Use when reviewing pull requests, establishing review standards, or mentoring developers.

developer-essentials

24.7k