OAuth and OIDC misconfiguration testing playbook. Use when reviewing redirect URI handling, state and nonce validation, PKCE, token audience, callback binding, and identity-provider trust flaws.
This skill does not declare a tool allowlist. The agent host applies whatever default tools are available at runtime.
SKILL.md / Manifest
https://raw.githubusercontent.com/yaklang/hack-skills/main/skills/oauth-oidc-misconfiguration/SKILL.mdRegistry
github (via claudemarketplaces.com)