ワンクリックで
sc-graphql
GraphQL injection, introspection abuse, query complexity attacks, and authorization bypass detection
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
GraphQL injection, introspection abuse, query complexity attacks, and authorization bypass detection
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
| name | sc-graphql |
| description | GraphQL injection, introspection abuse, query complexity attacks, and authorization bypass detection |
| license | MIT |
| metadata | {"author":"ersinkoc","category":"security","version":"1.0.0"} |
Detects GraphQL-specific security vulnerabilities including query injection, introspection information disclosure, batching abuse, nested query denial-of-service, field-level authorization bypass, and subscription hijacking. Covers Apollo Server, graphql-yoga, Strawberry, Graphene, gqlgen, and HotChocolate.
Called by sc-orchestrator during Phase 2 when GraphQL schema files, resolvers, or GraphQL dependencies are detected.
**/*.graphql, **/*.gql, **/schema.*, **/typeDefs.*, **/resolvers.*,
**/*resolver*, **/*schema*, **/*graphql*, **/mutations/*, **/queries/*,
**/subscriptions/*, **/directives/*
"typeDefs", "resolvers", "ApolloServer", "graphql-yoga", "makeExecutableSchema",
"buildSchema", "@Query", "@Mutation", "@Resolver", "GraphQLObjectType",
"introspection", "depthLimit", "costAnalysis", "complexityLimit",
"__schema", "__type", "subscription", "directive"
1. Introspection Enabled in Production
introspection: true, missing introspection config, NODE_ENV checks2. Query Depth/Complexity Limits Missing
graphql-depth-limit, depthLimit, @complexitygraphql-query-complexity, costAnalysis3. Batching Without Limits
allowBatchedHttpRequests, batch query handler, array query acceptance4. Field-Level Authorization
@auth, @hasRole, @authenticated5. SQL/NoSQL Injection in Resolvers
6. Information Disclosure via Error Messages
formatError, debug: true, stack trace exposure7. Subscription Authorization
# Attack: Deeply nested query (no depth limit)
query {
user(id: 1) {
posts {
author {
posts {
author {
posts { # ...repeating to depth 50+
title
}
}
}
}
}
}
}
// VULNERABLE: No depth or complexity limits
const server = new ApolloServer({
typeDefs,
resolvers,
});
// SAFE: With depth and complexity limits
import depthLimit from 'graphql-depth-limit';
import { createComplexityLimitRule } from 'graphql-validation-complexity';
const server = new ApolloServer({
typeDefs,
resolvers,
validationRules: [
depthLimit(10),
createComplexityLimitRule(1000),
],
introspection: process.env.NODE_ENV !== 'production',
});
// VULNERABLE: No auth check in resolver
const resolvers = {
Mutation: {
deleteUser: async (_, { id }, context) => {
return await User.findByIdAndDelete(id); // Anyone can delete any user
}
}
};
// SAFE: Auth check in resolver
const resolvers = {
Mutation: {
deleteUser: async (_, { id }, context) => {
if (!context.user || context.user.role !== 'admin') {
throw new ForbiddenError('Not authorized');
}
return await User.findByIdAndDelete(id);
}
}
};
Comprehensive AI-powered security scanning suite with 48 skills covering OWASP Top 10, 7 language-specific deep scanners (Go, TypeScript, Python, PHP, Rust, Java, C#), supply chain analysis, infrastructure-as-code scanning, and 3000+ checklist items. Use when you need to run a security audit, find vulnerabilities, scan a PR for security issues, or perform a penetration test on a codebase.
C#/.NET-specific security deep scan
Go-specific security deep scan
Java/Kotlin-specific security deep scan
PHP-specific security deep scan
Python-specific security deep scan