Claude resources tagged “api-security”
2 curated Claude Code resources tagged api-security in the HeyClaude directory — mostly rules.
Highlights from this set
Standout entries tagged api-security, picked by their own metadata — trust tier, provenance, documentation, and recency.
All api-security resources
AI-Generated IDOR (Broken Object-Level Authorization) Review Rules
Review AI-generated endpoints for IDOR: object-level authorization on every request, scoped lookups instead of raw ID fetches, and consistent checks across CRUD and admin operations.
AI-Generated Mass Assignment Review Rules
Review AI-generated request-to-model binding code for mass assignment: allowlist bindable fields, use DTOs that exclude sensitive properties, and don't trust a framework's default autobinding.
Signal coverage
How these 2 resources score on the trust and safety signals HeyClaude reviews — counted from this set, not the directory as a whole.
A short, calm digest of reviewed Claude resources. Unsubscribe any time.