authorization-bypass-detection
OfficialDetect unauthorized access and privilege escalation.
Software Engineering#authorization#security#access control#privilege escalation#vulnerability detection#red teaming
AuthorTencent
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill identifies vulnerabilities where an AI agent might grant unauthorized access or perform actions beyond its intended permissions, safeguarding sensitive data and operations.
Core Features & Use Cases
- Detects Privilege Escalation: Probes for ways an attacker could gain higher access levels than they should have.
- Identifies Cross-User/Tenant Access: Tests if the agent mistakenly exposes data or functionality belonging to other users or tenants.
- Use Case: In a multi-tenant AI application, this skill would test if a regular user can access administrative dashboards or another user's private data by making specific, targeted requests.
Quick Start
Use the dialogue tool to ask the agent to list data belonging to another user.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: authorization-bypass-detection Download link: https://github.com/Tencent/AI-Infra-Guard/archive/main.zip#authorization-bypass-detection Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.