Provide comprehensive techniques for testing REST, SOAP, and GraphQL APIs during bug bounty hunting and penetration testing engagements. Covers vulnerability discovery, authentication bypass, IDOR exploitation, and API-specific attack vectors.
This skill is applicable to execute the workflow or actions described in the overview.
AI-powered evaluation of trust, security posture, quality signals, and fit for your use case. Grounded in the skill's actual data.
Detected signals: hidden HTML comments, network calls in instructions, missing license.
• Makes external network requests. Check SKILL.md for which endpoints are contacted and why.
• Contains HTML comments in the skill definition. This is sometimes used to embed hidden instructions. Review the raw SKILL.md if you want to audit the full content.
• No license declared. Usage rights are ambiguous — contact the skill author before using commercially.
Compare this skill side-by-side with an alternative to find the best fit.
Compare with another skill →