This is a routing skill that helps you figure out which authentication or authorization testing path to take before diving deep. It covers the decision tree between login mechanics, object-level access controls, browser trust boundaries, and identity protocols like OAuth, JWT, and SAML. You'd reach for this when you face a login page, an API with tokens, or an SSO flow and need to triage whether you're dealing with broken authentication, IDOR issues, CSRF problems, or protocol misconfigurations. The skill map links out to seven specialized auth topics, so it's really about making the right first move rather than doing the actual testing. Honest take: it's metacognition as a skill, which is useful if you're new to auth testing or working with a complex surface.
npx skills add https://github.com/yaklang/hack-skills --skill auth-sec