Initial commit

2025-11-29 18:52:40 +08:00
commit c2df1fb3c6
17 changed files with 1469 additions and 0 deletions
--- a/skills/skill-adapter/assets/example_api_response.json
+++ b/skills/skill-adapter/assets/example_api_response.json
@@ -0,0 +1,75 @@
+{
+  "_comment": "Example API response from a security scan",
+  "scan_id": "api-scan-2024-10-27-123456",
+  "target_url": "https://example.com/api/v1",
+  "scan_start_time": "2024-10-27T14:00:00Z",
+  "scan_end_time": "2024-10-27T14:15:00Z",
+  "scan_status": "completed",
+  "vulnerabilities": [
+    {
+      "vulnerability_id": "API1:2023 Broken Object Level Authorization",
+      "name": "Broken Object Level Authorization",
+      "severity": "High",
+      "description": "API endpoints are vulnerable to broken object level authorization. Attackers can access objects belonging to other users by manipulating object IDs.",
+      "owasp_category": "OWASP API Security Top 10",
+      "cwe_id": "CWE-285",
+      "affected_endpoint": "/users/{user_id}",
+      "http_method": "GET",
+      "parameter": "user_id",
+      "payload": "12345",
+      "evidence": "Returned user data for user_id 98765 when authenticated as user_id 12345.",
+      "remediation": "Implement proper authorization checks to ensure users can only access objects they own or have permission to access.  Use parameterized queries and avoid direct object references.  Consider using a Role-Based Access Control (RBAC) system.",
+      "references": [
+        "https://owasp.org/API-Security/editions/2023/en/0xa1-broken-object-level-authorization/",
+        "https://cwe.mitre.org/data/definitions/285.html"
+      ],
+      "status": "open"
+    },
+    {
+      "vulnerability_id": "API4:2023 Unrestricted Resource Consumption",
+      "name": "Unrestricted Resource Consumption",
+      "severity": "Medium",
+      "description": "API is vulnerable to unrestricted resource consumption.  Attackers can exhaust server resources by sending a large number of requests or large payloads.",
+      "owasp_category": "OWASP API Security Top 10",
+      "cwe_id": "CWE-400",
+      "affected_endpoint": "/search",
+      "http_method": "POST",
+      "parameter": "query",
+      "payload": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
+      "evidence": "Server response time increased significantly after sending a large number of requests with large payloads.",
+      "remediation": "Implement rate limiting, pagination, and input validation to prevent resource exhaustion. Consider using a Content Delivery Network (CDN) to cache static content.",
+      "references": [
+        "https://owasp.org/API-Security/editions/2023/en/0xa4-unrestricted-access-to-sensitive-business-flows/",
+        "https://cwe.mitre.org/data/definitions/400.html"
+      ],
+      "status": "open"
+    },
+    {
+      "_comment": "Example of a low severity issue",
+      "vulnerability_id": "API9:2023 Improper Assets Management",
+      "name": "Improper Assets Management",
+      "severity": "Low",
+      "description": "API lacks proper assets management.  Debug endpoints are exposed in production.",
+      "owasp_category": "OWASP API Security Top 10",
+      "cwe_id": "CWE-1173",
+      "affected_endpoint": "/debug/healthcheck",
+      "http_method": "GET",
+      "parameter": null,
+      "payload": null,
+      "evidence": "Debug endpoint /debug/healthcheck is accessible without authentication in production.",
+      "remediation": "Disable or remove debug endpoints from production environment. Implement proper authentication and authorization for sensitive endpoints.",
+      "references": [
+        "https://owasp.org/API-Security/editions/2023/en/0xa9-improper-assets-management/",
+        "https://cwe.mitre.org/data/definitions/1173.html"
+      ],
+      "status": "open"
+    }
+  ],
+  "scan_summary": {
+    "total_vulnerabilities": 3,
+    "high_severity": 1,
+    "medium_severity": 1,
+    "low_severity": 1,
+    "info_severity": 0
+  }
+}