This is your starting point when you need to test whether an application's business rules can be gamed rather than broken at the input layer. It routes you toward race conditions, workflow bypasses, pricing manipulation, and state machine abuse in systems that handle coupons, payments, approvals, or multi-step processes. The skill itself is a dispatcher, not a techniques library, so it points you to the actual business logic vulnerabilities skill and related routers for API, auth, and file access issues. Use it when the bug lives in the gap between "check" and "act" or when discount stacking and negative quantity tricks matter more than SQL injection.
npx skills add https://github.com/yaklang/hack-skills --skill business-logic-vuln