from opencode-skills-collection19
Structured workflow for testing REST and GraphQL API security: auth, authorization, rate limiting, input validation and error handling.
Provides a step-by-step API security testing workflow for REST and GraphQL endpoints. The skill breaks testing into phases: discovery, authentication, authorization, input validation, rate limiting, GraphQL-specific tests, and error handling. It lists suggested sub-skills to invoke for fuzzing, scanning, and specific attack classes, plus checklists and quality gates for reporting.
Use this workflow when performing security assessments, bug-bounty testing, or internal API hardening exercises that require systematic checks across authentication, authorization, input validation, rate limits, and GraphQL pitfalls. Not a substitute for expert manual review.
Useful for security-focused agents or toolchains that can orchestrate vulnerability scanners and fuzzers (e.g., agents integrated with api-fuzzing, scanning-tools, or other security skills).
This skill has not been reviewed by our automated audit pipeline yet.
Makepad Basics
Guides onboarding and basic app structure for Makepad using the makepad-widgets crate; generates example Rust code and explains live_design/app_main patterns.
Python Performance Optimization
Profile, analyze, and optimize Python applications for CPU and memory efficiency using profiling tools and performance best practices.
