{"skill":{"slug":"go-vuln-auth-bypass","displayName":"Go Vuln Auth Bypass","summary":"Use when auditing Go code involving authentication flows, RBAC policies, Kubernetes admission webhooks, JWT/OAuth token validation, or privilege escalation i...","tags":{"latest":"0.1.0"},"stats":{"comments":0,"downloads":246,"installsAllTime":0,"installsCurrent":0,"stars":0,"versions":1},"createdAt":1773476159707,"updatedAt":1777526017245},"latestVersion":{"version":"0.1.0","createdAt":1773476159707,"changelog":"Initial release of go-vuln-auth-bypass, a skill for auditing Go authentication and authorization flows.\n\n- Supports detection of common auth/z bypass patterns in Go/Kubernetes/cloud-native projects.\n- Provides a comprehensive checklist for auditing admission webhooks, RBAC, JWT/OAuth validation, gRPC interceptors, and middleware chains.\n- Details sources, sinks, sanitizers, and grep patterns for accurate detection.\n- Includes false positive/negative guidance and real-world vulnerabilities references.\n- Covers CWE-287, CWE-863, CWE-269, CWE-284, CWE-285, and CWE-862.","license":"MIT-0"},"metadata":null,"owner":{"handle":"yhy0","userId":"s172p34p6emz34m9wrf8241gp983hjhz","displayName":"yhy","image":"https://avatars.githubusercontent.com/u/31311038?v=4"},"moderation":null}