This is a structured seven-phase workflow for testing API security, covering both REST and GraphQL endpoints. It walks you through discovery, authentication and authorization testing, input validation, rate limiting checks, GraphQL-specific vulnerabilities, and error handling. Each phase references other granular skills like api-fuzzing-bug-bounty and broken-authentication with copy-paste prompts to chain them together. The checklist format is helpful if you're doing bug bounty work or security audits and want to make sure you're not missing obvious attack vectors. It's essentially a methodology guide that assumes you already have the underlying testing skills installed.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill api-security-testing