auth-sec

Entry P1 category router for authentication and authorization. Use when testing login flows, sessions, object authorization, JWT, OAuth, CORS, CSRF, and enterprise SSO weaknesses before any deeper auth topic skill.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "auth-sec" with this command: npx skills add yaklang/hack-skills/yaklang-hack-skills-auth-sec

Authentication and Authorization Router

This is the routing entry point for authentication, sessions, and authorization boundaries.

Use it to decide whether the issue is mainly login mechanics, object-level authorization, browser trust boundaries, or identity protocols such as OAuth/JWT/SAML before going deeper.

When to Use

  • The target includes login, registration, password reset, 2FA, sessions, JWT, OAuth, or SSO
  • You suspect object authorization flaws, cross-tenant access, cross-origin reads, CSRF, or protocol misconfiguration
  • You need to decide whether to test authentication or authorization first

Skill Map

Recommended Flow

  1. First confirm the authentication model and session boundaries
  2. Then confirm object-level and function-level authorization
  3. Then move to token, cross-origin, and protocol details
  4. If enterprise federation exists, continue with OAuth, OIDC, or SAML topics

Related Categories

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Related Skills

Related by shared tags or category signals.

General

hack

No summary provided by upstream source.

Repository SourceNeeds Review
General

api-sec

No summary provided by upstream source.

Repository SourceNeeds Review
General

api-auth-and-jwt-abuse

No summary provided by upstream source.

Repository SourceNeeds Review
General

xss-cross-site-scripting

No summary provided by upstream source.

Repository SourceNeeds Review