From soundcheck
Detects GraphQL schemas missing depth limits, cost analysis, or production introspection controls. Audits Apollo, Yoga, Strawberry, gqlgen and other frameworks.
How this skill is triggered: by the user, by Claude, or both.
Slash command: /soundcheck:graphql-security
The summary Claude sees in its skill listing (used to decide when to auto-load this skill):
Protects against GraphQL-specific attack vectors: unbounded query depth that causes exponential resolver execution, introspection left enabled in production (exposing the full schema to attackers), and batch/alias attacks that bypass rate limiting.
Flag the vulnerable code and explain the risk. Translate the principles below to the language and framework of the audited file — use that stack's documented validation rule, plugin, or middleware API; do not roll your own.
For each finding, establish these properties:
login selections count as a thousand attempts.

Install command:
npx claudepluginhub thejefflarson/soundcheck --plugin soundcheck

Secures GraphQL APIs against introspection leaks, deep query abuse, and authorization bypass. Use when building, reviewing, or auditing GraphQL schemas, resolvers, or gateway configurations.

Secures GraphQL APIs by limiting query depth/complexity, disabling introspection in production, and enforcing field-level authorization. Based on OWASP guidelines.

Assesses GraphQL API endpoints for introspection leaks, injection attacks, authorization flaws, and DoS vulnerabilities during authorized security tests.