api-best-practices
Provides best practices for designing and documenting RESTful APIs, covering patterns, versioning, authentication, and error handling.
Install this skill
or
78/100
Security score
The api-best-practices skill was audited on Feb 9, 2026 and we found 10 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 757
Webhook reference - potential data exfiltration
SourceSKILL.md
| 757 | ## Webhooks |
medium line 759
Webhook reference - potential data exfiltration
SourceSKILL.md
| 759 | ### Webhook Payload |
medium line 774
Webhook reference - potential data exfiltration
SourceSKILL.md
| 774 | ### Webhook Security |
low line 778
Webhook reference - potential data exfiltration
SourceSKILL.md
| 778 | POST https://customer.com/webhooks |
low line 779
Webhook reference - potential data exfiltration
SourceSKILL.md
| 779 | X-Webhook-Signature: sha256=abc123... |
low line 785
Webhook reference - potential data exfiltration
SourceSKILL.md
| 785 | def verify_webhook(payload, signature, secret): |
low line 392
External URL reference
SourceSKILL.md
| 392 | CORS(app, origins=["https://myapp.com", "https://app.myapp.com"]) |
low line 429
External URL reference
SourceSKILL.md
| 429 | - url: https://api.example.com/v1 |
low line 431
External URL reference
SourceSKILL.md
| 431 | - url: https://staging-api.example.com/v1 |
low line 778
External URL reference
SourceSKILL.md
| 778 | POST https://customer.com/webhooks |
Scanned on Feb 9, 2026
View Security DashboardGitHub Stars 106
Rate this skill
Categorydevelopment
UpdatedMay 21, 2026
majiayu000/claude-skill-registry