API authentication and JWT abuse playbook. Use when testing bearer tokens, API keys, claim trust, header spoofing, rate limits, and API auth boundary weaknesses.
This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.
SKILL.md / Manifest
https://raw.githubusercontent.com/yaklang/hack-skills/main/skills/api-auth-and-jwt-abuse/SKILL.mdRegistry
github (via claudemarketplaces.com)