一键在 Manus 中运行任何 Skill

backend-security-audit

Audit a backend against the OWASP API Security Top 10 — BOLA/BFLA, injection, secrets, mass assignment — with an exploit scenario per finding. Use when adding auth/external input, before shipping, or on a quarterly security review. Not for implementing auth from scratch (use authentication / authorization) — each finding maps to its sibling skill for the fix.

在 Manus 中运行

星标0

分支0

更新时间2026年6月8日 13:41

来源

JayKim88

JayKim88/claude-ai-engineering

打开 GitHub 仓库查看创作者相关仓库

安装命令

下载

在 Manus 中运行

SKILL.md

readonly

name	backend-security-audit
description	Audit a backend against the OWASP API Security Top 10 — BOLA/BFLA, injection, secrets, mass assignment — with an exploit scenario per finding. Use when adding auth/external input, before shipping, or on a quarterly security review. Not for implementing auth from scratch (use authentication / authorization) — each finding maps to its sibling skill for the fix.
license	MIT

Backend Security Audit

Purpose

Systematically check a backend against the OWASP API Security Top 10, producing findings with a concrete exploit scenario each — so the team understands the attack, not just the rule.

Universal — the OWASP API Top 10 is a vendor-neutral, exploit-oriented taxonomy that maps to any backend; only the fix syntax differs.

Procedure

Audit against the OWASP API Security Top 10 (2023). For each finding, write the exploit scenario (how an attacker abuses it) — this is the differentiator from a generic checklist.

API1 BOLA (Broken Object Level Authorization) — #1, ~40% of API attacks
- Can a user access another's object by changing an ID? → row-level authz missing (see authorization RLS)
API2 Broken Authentication
- Weak tokens, no rotation, alg confusion (see authentication)
API3 Broken Object Property Level Authorization (mass assignment / excessive data exposure)
- Does the API accept/return fields the user shouldn't set/see? → explicit allow-lists, DTOs
API5 BFLA (Broken Function Level Authorization)
- Can a regular user hit admin endpoints? → RBAC at every privileged route
API4 Unrestricted Resource Consumption
- Rate limiting, pagination caps, payload size limits, query depth/complexity limits (GraphQL)
API8 Security Misconfiguration
- CORS not wildcard for credentialed endpoints; security headers; verbose errors disabled in prod
Injection (cross-cutting)
- Note: standalone "Injection" was API8:2019 — in the 2023 edition it's folded across categories rather than its own item, but still audit it
- Parameterized queries only (ORM by default); never string-concatenate SQL; validate input (see data-validation)
Secrets management (cross-cutting)
- Not a numbered Top-10 item but a practical must: no secrets in code/client-shipped env; use a secret manager; rotate; scan with gitleaks/trufflehog
API7 SSRF (Server-Side Request Forgery) — call this out explicitly
- User-supplied URL fed into fetch / axios → attacker pivots through the server. Defenses: allowlist hosts; block cloud metadata IPs (169.254.169.254 AWS/GCP/Azure, 100.100.100.200 Alibaba, link-local + private CIDRs); validate the resolved IP, not just the input string (DNS rebinding); set a strict timeout
- Egress firewall is the structural defense; URL validation alone is not enough
API10 Unsafe Consumption of APIs — trust the wire as much as the user

Treat third-party API responses as untrusted: validate shape (see data-validation), cap response sizes, time out generously but not infinitely
JSON-bomb / zip-bomb / oversized-payload defenses on every downstream consumer

CSRF (cookie-auth web apps) — outside the API Top 10 but on the same backend

For sessions / cookie tokens: SameSite=Lax|Strict cookies + origin check on state-changing requests (header-token tokens like Authorization are immune)
Also review remaining 2023 items not enumerated above (API6 Sensitive Business Flows, API9 Improper Inventory)

Validate (validation loop)

For each Critical finding, reproduce the exploit (BOLA: actually fetch another user's record) → fix → re-attempt → verify blocked
Run eslint-plugin-security / semgrep --config=auto + gitleaks + dependency audit; triage each hit; re-run until clean or documented

Anti-patterns

❌ Anti-pattern	✅ Correct
Object access by ID with no ownership check	Row-level authz (RLS) verified per request
String-concatenated SQL	Parameterized queries / ORM
Accepting all body fields (mass assignment)	Explicit DTO allow-list
Secrets in env vars shipped to client	Secret manager; server-only; scanned
Wildcard CORS on credentialed endpoints	Explicit origin allow-list
User-supplied URL fed into `fetch` (SSRF)	Allowlist hosts; block metadata IPs (`169.254.169.254`); validate resolved IP, not just input
Trusting third-party API response shape (API10)	Validate shape + cap response size + bounded timeout
Cookie-auth state-changing endpoint with no CSRF defense	`SameSite=Lax/Strict` + origin / CSRF-token check

Severity tiers

Tier	Examples	Action SLA
Critical	BOLA leaking other users' data; SQL injection; secret in repo; admin endpoint reachable by regular user (BFLA); SSRF reachable to cloud metadata; cookie-auth state-change with no CSRF defense	Block release; fix immediately
Major	Missing rate limits; mass assignment; CORS wildcard; trusting third-party API response without validation/size cap	Fix this sprint
Minor	Verbose error messages; missing security header; outbound URL allow-list maintained ad-hoc	Schedule within 2 sprints

Completion Criteria

Key OWASP API Top 10 (2023) categories checked + cross-cutting concerns (injection, secrets)
Each finding has an exploit scenario
BOLA reproduced + fixed + re-verified blocked
Static analysis + secret scan clean (or documented)
All Critical fixed; all Major scheduled

Output

Report: docs/security-audit-YYYY-MM-DD.md — per finding: OWASP category, file:line, exploit scenario, fix, severity
Code fixes per finding
Commit format: fix(security): <description> [OWASP-API#N, severity]

Stop & Ask (AI must pause for user approval)

Before changing auth/authz logic to fix a finding — can lock users out if wrong
Before rotating/removing a secret found in the repo — coordinate rotation with deploys
Before tightening CORS/CSP in production config — verify no legitimate client breaks

Implementation

TypeScript + NestJS + Supabase (default)

Injection: Prisma parameterizes by default; never $queryRawUnsafe with interpolation
BOLA/BFLA: NestJS guards (RBAC) + Supabase RLS (row) — see authorization
Mass assignment: explicit DTOs + class-validator/Zod (see data-validation)
Scanning: eslint-plugin-security, semgrep --config=auto, gitleaks, npm audit

Other stacks

Python / FastAPI: bandit static analysis; Pydantic prevents mass assignment; parameterized SQLAlchemy
Go: gosec; database/sql parameterized queries
Universal: OWASP API Top 10 categories are framework-independent; semgrep, gitleaks, trivy work across stacks

Related skills

authorization — BOLA/BFLA findings are fixed via RBAC + RLS
authentication — broken auth is a top OWASP category
data-validation — input validation is the first injection defense

Reference

Key insight encoded: BOLA is the #1 API vulnerability — function-level auth without row-level auth is the most common gap. Every finding gets a reproducible exploit scenario.

同仓库更多 Skills

同仓库

ai-llm-backend

JayKim88/claude-ai-engineering

Build LLM features on the backend — deterministic agent loops (round-trip every tool call by id), RAG over a vector store, token/cost accounting, streaming, eval harness, and prompt-injection defense (treat all model context as untrusted). Use when adding an AI feature, building RAG, or wiring an agent loop. Not for the AI streaming UI on the frontend (use frontend-toolkit's AI integration) or general boundary input parsing (use data-validation).

2026-06-080

api-contract

JayKim88/claude-ai-engineering

Define a schema-first API contract — standardized error envelope (RFC 9457), pagination, status codes, consistent JSON shapes. Use when establishing API conventions, before multiple teams consume an API, or when error responses are inconsistent. Not for choosing the protocol or modeling resources (use api-design) or for runtime input parsing at the boundary (use data-validation).

2026-06-080

api-design

JayKim88/claude-ai-engineering

Choose the API protocol (REST / GraphQL / gRPC) by traffic shape and design resources, versioning, and async patterns. Use when adding a new API surface, designing a service boundary, or when clients complain about over/under-fetching. Not for the schema/error envelope details (use api-contract) or per-resource access control (use authorization).

2026-06-080

architecture-improvement

JayKim88/claude-ai-engineering

Default to a modular monolith with enforced internal boundaries; treat microservices as a destination after boundaries prove stable, not a starting point. Use when structuring a backend, when tempted to split into services, or when module boundaries blur. Not for the actual schema-split / service-extraction migrations (use migration-strategy + schema-design).

2026-06-080

async-messaging

JayKim88/claude-ai-engineering

Build reliable event-driven flows with the Transactional Outbox pattern — write state and event in one transaction, relay asynchronously, achieve at-least-once delivery + consumer idempotency. Use when an action must reliably trigger downstream work, or when events are lost on crash (dual-write problem). Not for simple background work without state+event reliability (use background-jobs) or outbound HTTP webhook specifics (use webhook-design).

2026-06-080

authentication

JayKim88/claude-ai-engineering

Choose and implement auth correctly — JWT vs session vs OAuth decision, pin allowed algorithms server-side, rotate refresh tokens with reuse detection, avoid the classic JWT pitfalls. Use when adding login, integrating OAuth, or when token handling looks risky. Not for access control / permissions (use authorization) or a broader OWASP audit (use backend-security-audit).

2026-06-080

name	backend-security-audit
description	Audit a backend against the OWASP API Security Top 10 — BOLA/BFLA, injection, secrets, mass assignment — with an exploit scenario per finding. Use when adding auth/external input, before shipping, or on a quarterly security review. Not for implementing auth from scratch (use authentication / authorization) — each finding maps to its sibling skill for the fix.
license	MIT

Backend Security Audit

Purpose

Systematically check a backend against the OWASP API Security Top 10, producing findings with a concrete exploit scenario each — so the team understands the attack, not just the rule.

Universal — the OWASP API Top 10 is a vendor-neutral, exploit-oriented taxonomy that maps to any backend; only the fix syntax differs.

Procedure

Audit against the OWASP API Security Top 10 (2023). For each finding, write the exploit scenario (how an attacker abuses it) — this is the differentiator from a generic checklist.

API1 BOLA (Broken Object Level Authorization) — #1, ~40% of API attacks
- Can a user access another's object by changing an ID? → row-level authz missing (see authorization RLS)
API2 Broken Authentication
- Weak tokens, no rotation, alg confusion (see authentication)
API3 Broken Object Property Level Authorization (mass assignment / excessive data exposure)
- Does the API accept/return fields the user shouldn't set/see? → explicit allow-lists, DTOs
API5 BFLA (Broken Function Level Authorization)
- Can a regular user hit admin endpoints? → RBAC at every privileged route
API4 Unrestricted Resource Consumption
- Rate limiting, pagination caps, payload size limits, query depth/complexity limits (GraphQL)
API8 Security Misconfiguration
- CORS not wildcard for credentialed endpoints; security headers; verbose errors disabled in prod
Injection (cross-cutting)
- Note: standalone "Injection" was API8:2019 — in the 2023 edition it's folded across categories rather than its own item, but still audit it
- Parameterized queries only (ORM by default); never string-concatenate SQL; validate input (see data-validation)
Secrets management (cross-cutting)
- Not a numbered Top-10 item but a practical must: no secrets in code/client-shipped env; use a secret manager; rotate; scan with gitleaks/trufflehog
API7 SSRF (Server-Side Request Forgery) — call this out explicitly
- User-supplied URL fed into fetch / axios → attacker pivots through the server. Defenses: allowlist hosts; block cloud metadata IPs (169.254.169.254 AWS/GCP/Azure, 100.100.100.200 Alibaba, link-local + private CIDRs); validate the resolved IP, not just the input string (DNS rebinding); set a strict timeout
- Egress firewall is the structural defense; URL validation alone is not enough
API10 Unsafe Consumption of APIs — trust the wire as much as the user

Treat third-party API responses as untrusted: validate shape (see data-validation), cap response sizes, time out generously but not infinitely
JSON-bomb / zip-bomb / oversized-payload defenses on every downstream consumer

CSRF (cookie-auth web apps) — outside the API Top 10 but on the same backend

For sessions / cookie tokens: SameSite=Lax|Strict cookies + origin check on state-changing requests (header-token tokens like Authorization are immune)
Also review remaining 2023 items not enumerated above (API6 Sensitive Business Flows, API9 Improper Inventory)

Validate (validation loop)

For each Critical finding, reproduce the exploit (BOLA: actually fetch another user's record) → fix → re-attempt → verify blocked
Run eslint-plugin-security / semgrep --config=auto + gitleaks + dependency audit; triage each hit; re-run until clean or documented

Anti-patterns

❌ Anti-pattern	✅ Correct
Object access by ID with no ownership check	Row-level authz (RLS) verified per request
String-concatenated SQL	Parameterized queries / ORM
Accepting all body fields (mass assignment)	Explicit DTO allow-list
Secrets in env vars shipped to client	Secret manager; server-only; scanned
Wildcard CORS on credentialed endpoints	Explicit origin allow-list
User-supplied URL fed into `fetch` (SSRF)	Allowlist hosts; block metadata IPs (`169.254.169.254`); validate resolved IP, not just input
Trusting third-party API response shape (API10)	Validate shape + cap response size + bounded timeout
Cookie-auth state-changing endpoint with no CSRF defense	`SameSite=Lax/Strict` + origin / CSRF-token check

Severity tiers

Tier	Examples	Action SLA
Critical	BOLA leaking other users' data; SQL injection; secret in repo; admin endpoint reachable by regular user (BFLA); SSRF reachable to cloud metadata; cookie-auth state-change with no CSRF defense	Block release; fix immediately
Major	Missing rate limits; mass assignment; CORS wildcard; trusting third-party API response without validation/size cap	Fix this sprint
Minor	Verbose error messages; missing security header; outbound URL allow-list maintained ad-hoc	Schedule within 2 sprints

Completion Criteria

Key OWASP API Top 10 (2023) categories checked + cross-cutting concerns (injection, secrets)
Each finding has an exploit scenario
BOLA reproduced + fixed + re-verified blocked
Static analysis + secret scan clean (or documented)
All Critical fixed; all Major scheduled

Output

Report: docs/security-audit-YYYY-MM-DD.md — per finding: OWASP category, file:line, exploit scenario, fix, severity
Code fixes per finding
Commit format: fix(security): <description> [OWASP-API#N, severity]

Stop & Ask (AI must pause for user approval)

Before changing auth/authz logic to fix a finding — can lock users out if wrong
Before rotating/removing a secret found in the repo — coordinate rotation with deploys
Before tightening CORS/CSP in production config — verify no legitimate client breaks

Implementation

TypeScript + NestJS + Supabase (default)

Injection: Prisma parameterizes by default; never $queryRawUnsafe with interpolation
BOLA/BFLA: NestJS guards (RBAC) + Supabase RLS (row) — see authorization
Mass assignment: explicit DTOs + class-validator/Zod (see data-validation)
Scanning: eslint-plugin-security, semgrep --config=auto, gitleaks, npm audit

Other stacks

Python / FastAPI: bandit static analysis; Pydantic prevents mass assignment; parameterized SQLAlchemy
Go: gosec; database/sql parameterized queries
Universal: OWASP API Top 10 categories are framework-independent; semgrep, gitleaks, trivy work across stacks

Related skills

authorization — BOLA/BFLA findings are fixed via RBAC + RLS
authentication — broken auth is a top OWASP category
data-validation — input validation is the first injection defense

Reference

Key insight encoded: BOLA is the #1 API vulnerability — function-level auth without row-level auth is the most common gap. Every finding gets a reproducible exploit scenario.