AgentHubAgentHub

testing-oauth2-implementation-flaws

SkillSkillsMP

io.github.xalgord/xalgorix/testing-oauth2-implementation-flaws · vmain

Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.

在 SkillsMP 查看源仓库

概览

testing-oauth2-implementation-flaws 是一个Agent Skill,收录自 SkillsMP。本页提供 Cursor、Claude Code 等客户端的安装配置片段。

Agent Skill 是带 SKILL.md 的指令包。安装后,AI 会根据 description 在匹配任务时自动加载,无需每次手动粘贴提示词。

安装

选择你的平台查看安装方式

# 通用 CLI(Cursor / Claude Code / Codex 等均支持)
npx skills add xalgord/xalgorix@testing-oauth2-implementation-flaws

使用方式

安装完成后,在对话中直接描述你的任务(或提及技能名称)。Agent 会先读取 SKILL.md 的 description 判断是否启用,再按其中的步骤执行。可用 /skills(Claude Code)或在设置中查看已加载的 Skills。

相关资源

统一 Manifest

{
  "id": "io.github.xalgord/xalgorix/testing-oauth2-implementation-flaws",
  "type": "skill",
  "version": "main",
  "displayName": "testing-oauth2-implementation-flaws",
  "description": "Tests OAuth 2.0 and OpenID Connect implementations for security flaws including authorization code interception, redirect URI manipulation, CSRF in OAuth flows, token leakage, scope escalation, and PKCE bypass. The tester evaluates the authorization server, client application, and token handling for common misconfigurations that enable account takeover or unauthorized access. Activates for requests involving OAuth security testing, OIDC vulnerability assessment, OAuth2 redirect bypass, or authorization code flow testing.",
  "author": {
    "name": "xalgord",
    "url": "https://github.com/xalgord"
  },
  "repository": {
    "url": "https://github.com/xalgord/xalgorix",
    "source": "github",
    "subfolder": "internal/tools/skills/data/api-security/testing-oauth2-implementation-flaws"
  },
  "homepage": "https://skillsmp.com/skills/xalgord-xalgorix-internal-tools-skills-data-api-security-testing-oauth2-implementation-flaws-skill-md",
  "distribution": {
    "packages": [
      {
        "registryType": "source",
        "identifier": "xalgord/xalgorix@testing-oauth2-implementation-flaws",
        "version": "main",
        "runtimeHint": "npx skills add"
      }
    ],
    "remotes": []
  },
  "dependencies": [],
  "installTargets": [
    "claude-code",
    "claude-desktop",
    "cursor",
    "codex",
    "vscode"
  ],
  "keywords": [
    "stars:599"
  ],
  "provenance": {
    "origin": "skillsmp",
    "originalId": "xalgord-xalgorix-internal-tools-skills-data-api-security-testing-oauth2-implementation-flaws-skill-md",
    "originalUrl": "https://skillsmp.com/skills/xalgord-xalgorix-internal-tools-skills-data-api-security-testing-oauth2-implementation-flaws-skill-md",
    "isOfficial": false,
    "status": "active"
  }
}
testing-oauth2-implementation-flaws — Agent Skill 安装与配置 · AgentHub