vuln-patterns-auth-bypass
Community
Detect authentication bypass vulnerabilities.
Software Engineering
#oauth, #access control, #sso, #authentication bypass, #authorization bypass, #permission check, #jwt verification
Author: yhy0
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill helps identify and prevent authentication bypass vulnerabilities in Python code, ensuring that only authorized users can access sensitive resources and perform privileged actions.
Core Features & Use Cases
- Detects Bypass Patterns: Identifies common flaws in authentication flows, permission checks, access control logic, JWT/token validation, and SSO/OAuth implementations.
- Covers CWEs: Addresses vulnerabilities related to CWE-285 (Improper Authorization), CWE-287 (Improper Authentication), and CWE-863 (Incorrectly Implemented Security Check).
- Use Case: When auditing a web application's user management API, this Skill can pinpoint instances where an attacker might exploit weak session handling or improper permission checks to gain unauthorized access to administrative functions.
Quick Start
Analyze the provided Python code for authentication bypass vulnerabilities.
Dependency Matrix
Required Modules
None required
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: vuln-patterns-auth-bypass Download link: https://github.com/yhy0/ghsa-skill-builder/archive/main.zip#vuln-patterns-auth-bypass Please download this .zip file, extract it, and install it in the .claude/skills/ directory.