security-review-owasp-graphql
CommunityAudit GraphQL auth and query abuse
Authorsjinks
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps you review GraphQL services for weaknesses that expose sensitive data or overload production systems, including resolver-level authorization gaps, expensive query shapes, batching abuse, and downstream injection paths.
Core Features & Use Cases
- Schema and resolver review: Inspect queries, mutations, subscriptions, and field-level access control instead of relying only on top-level route authentication.
- Abuse-path analysis: Evaluate depth, complexity, pagination, introspection, batching, and error handling for practical exploitation risk.
- Evidence-based findings: Produce concrete security findings tied to code, configuration, tests, or observable behavior, with minimal remediation guidance.
- Use case: A reviewer can assess a GraphQL API before release to confirm that sensitive fields are gated and that expensive queries cannot be abused.
Quick Start
Use the security-review-owasp-graphql skill to review the selected GraphQL schema, resolvers, and production settings for authorization gaps, query abuse, and downstream injection risks.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: security-review-owasp-graphql Download link: https://github.com/sjinks/ai-owasp-skillset/archive/main.zip#security-review-owasp-graphql Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.