Does it generate documentation automatically?

Yes, it can generate full OpenAPI 3.0 specifications, authentication flow diagrams, and request/response examples for your entire API.

How do I activate the security scan?

You can trigger the skill by using phrases such as 'scan API security', 'check for vulnerabilities', or 'audit API security' while working in Claude Code.

What vulnerabilities does the API Security Scanner check for?

The skill identifies critical security flaws including SQL injection, broken authentication, sensitive data exposure, and misconfigured security headers following OWASP guidelines.

Does it help with rate limiting and throttling?

Absolutely. The skill includes specific steps to implement production-ready rate limiting, throttling policies, and standardized error handling for high-traffic environments.

Can I use this with my specific API framework?

Yes, while the skill provides scaffolding for frameworks like Express, FastAPI, and Flask, its security auditing and documentation capabilities are compatible with most RESTful architectures.

API Security Scanner & Developer

Name: API Security Scanner & Developer
Author: BbgnsurfTech

byBbgnsurfTech

•

Security & Testing

Scans APIs for security vulnerabilities and provides specialized guidance for building production-grade, secure backend services.

The API Security Scanner is a comprehensive Claude Code skill designed to audit and fortify backend architectures against common threats like injection, broken authentication, and sensitive data exposure. It empowers developers to design secure API structures, implement robust middleware for rate limiting and logging, and generate production-ready documentation and test suites. By integrating OWASP best practices directly into the development workflow, this skill ensures that every endpoint is resilient, well-documented, and compliant with modern security standards.

Key Features

01Production-ready configuration for rate limiting and security headers

02Automated vulnerability scanning for injection and data exposure

03Built-in authentication and authorization middleware implementation

04Secure API scaffolding for popular frameworks like Express and FastAPI

053 GitHub stars

06Auto-generation of OpenAPI 3.0 specifications and Postman collections

Use Cases

01Automating the creation of comprehensive API documentation and integration tests

02Designing and scaffolding new backend services with a security-first approach

03Auditing existing REST APIs for security flaws before production deployment

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bbgnsurftech/claude-skills-collection api-security-scanner

For use in Claude.ai and ChatGPT

Download Skill