Skills
.Work. You
Rest

web-vuln-graphql

Community

Tests GraphQL APIs for security misconfigurations.

Software Engineering#authorization#graphql#introspection#security-testing#dos#rate-limit#idor
Authorwoohyun212
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Tests GraphQL APIs for security misconfigurations and improper access control, enabling faster discovery of exposure risks.

Core Features & Use Cases

  • Introspection exposure checks and field-level authorization assessment
  • Node() interface IDOR testing and schema mapping when allowed
  • Query batching, alias-based rate-limit bypass, mutation authorization checks, and nested query DoS testing
  • Directive overloading validations and practical bug-bounty oriented scenarios

Quick Start

Provide a sample GraphQL endpoint URL and token, then run the tests as described to map the schema and test for misconfigurations.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: web-vuln-graphql
Download link: https://github.com/woohyun212/security-skill/archive/main.zip#web-vuln-graphql

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.