defensive-graphql
CommunityDetect GraphQL abuse and harden APIs.
Authorriparino
Version1.0.0
Installs0
System Documentation
What problem does it solve?
GraphQL endpoints are often exposed to unauthenticated or misconfigured clients, enabling introspection leakage and abuse through poorly constrained queries. This skill provides detection rules and hardening guidance to curb introspection exposure, batch queries, and deeply nested queries, reducing risk exposure.
Core Features & Use Cases
- Detect introspection requests from untrusted sources and disable them in production.
- Identify batch/DoS patterns and unusual aliasing in mutations to prevent brute-force and resource exhaustion.
- Provide Sigma (SIEM) detection rules and KQL queries for monitoring GraphQL activity in cloud deployments.
- Use cases include API security monitoring, threat-hunting workflows, and proactive GraphQL hardening.
Quick Start
Use this skill to enable detection and hardening rules for your GraphQL endpoint.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: defensive-graphql Download link: https://github.com/riparino/Claude-Cyber/archive/main.zip#defensive-graphql Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.