How does this skill help with compliance?

It generates an inventory and risk assessment of data access grants, which is essential for documenting third-party risk management for GDPR Article 28, SOC 2, and ISO 27001.

Can it detect shadow IT applications?

Yes, by enumerating all user-consented and admin-consented OAuth grants, it reveals applications accessing organizational data that may not have been officially approved by IT.

Which identity providers does this skill support?

The skill provides patterns and workflows applicable to major identity providers including Microsoft Entra ID (Azure AD), Okta, and Google Workspace.

What is OAuth scope minimization?

OAuth scope minimization is the security practice of reviewing and reducing the permissions granted to third-party applications to the absolute minimum required for their intended function.

OAuth Scope Minimization Review

Name: OAuth Scope Minimization Review
Author: micsapp

bymicsapp

0•

安全与测试

Audits and minimizes OAuth 2.0 scopes to secure third-party application integrations and enforce least-privilege access.

This skill provides a structured framework for auditing OAuth 2.0 permissions across identity providers and SaaS platforms like Microsoft Entra ID and Google Workspace. It enables security teams to inventory application grants, classify API scopes based on data sensitivity, and identify over-permissioned integrations that pose a security risk. By automating the detection of excessive scopes and unused token grants, the skill helps organizations reduce their attack surface, remediate shadow IT, and maintain compliance with standards such as GDPR and SOC 2.

主要功能

01Comprehensive inventory of OAuth grants and service principals

020 GitHub stars

03Identification of shadow IT and unauthorized data access patterns

04Detection of over-permissioned third-party applications

05Risk-based classification of API scopes (Critical, High, Medium, Low)

06Automated reporting for security compliance and governance audits

使用场景

01Conducting quarterly security reviews of third-party SaaS integrations

02Remediating excessive permissions following a security incident or token breach

03Enforcing least-privilege access during the onboarding of new API-based tools

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills performing-oauth-scope-minimization-review

For use in Claude.ai and ChatGPT

主要功能

01Comprehensive inventory of OAuth grants and service principals

020 GitHub stars

03Identification of shadow IT and unauthorized data access patterns

04Detection of over-permissioned third-party applications

05Risk-based classification of API scopes (Critical, High, Medium, Low)

06Automated reporting for security compliance and governance audits

使用场景

01Conducting quarterly security reviews of third-party SaaS integrations

02Remediating excessive permissions following a security incident or token breach

03Enforcing least-privilege access during the onboarding of new API-based tools

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add micsapp/micstec-skills performing-oauth-scope-minimization-review

For use in Claude.ai and ChatGPT