api-inventory-scanner

Solid

Discover and document existing API endpoints from code, logs, and traffic analysis

API & Backend 1,160 stars 71 forks Updated today MIT

Install

View on GitHub

Quality Score: 96/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# API Inventory Scanner Skill Discovers and documents existing API endpoints through code analysis, log inspection, and traffic analysis. ## Purpose Enable API discovery for: - Endpoint discovery - Request/response format extraction - Authentication method detection - Rate limit identification - Consumer mapping ## Capabilities ### 1. Endpoint Discovery - Parse route definitions - Analyze controller code - Inspect API frameworks - Find undocumented endpoints ### 2. Request/Response Format Extraction - Extract request schemas - Document response formats - Identify query parameters - Map headers and cookies ### 3. Authentication Method Detection - Identify auth mechanisms - Document token formats - Map permission requirements - Catalog security schemes ### 4. Rate Limit Identification - Find rate limit configurations - Document throttling rules - Identify quotas - Map limit tiers ### 5. Consumer Mapping - Identify API consumers - Track usage patterns - Map client dependencies - Document integrations ### 6. Usage Pattern Analysis - Analyze access logs - Identify hot endpoints - Track response times - Map error rates ## Tool Integrations | Tool | Purpose | Integration Method | |------|---------|-------------------| | Swagger Inspector | Traffic capture | GUI | | Postman | Collection building | API | | Code parsers | Route extraction | CLI | | Log analyzers | Traffic analysis | CLI | | APM tools | Usage metrics | API | ## Output Schema ```json { "scanId": "string",...

Details

Author
a5c-ai
Repository
a5c-ai/babysitter
Created
4 months ago
Last Updated
today
Language
JavaScript
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

API & Backend Featured

performing-api-inventory-and-discovery

Performs API inventory and discovery to identify all API endpoints in an organization's environment including documented, undocumented, shadow, zombie, and deprecated APIs. The tester uses passive traffic analysis, active scanning, DNS enumeration, JavaScript analysis, and cloud resource inventory to build a comprehensive API catalog. Maps to OWASP API9:2023 Improper Inventory Management. Activates for requests involving API discovery, shadow API detection, API inventory audit, or attack surface mapping.

13,115 Updated today
mukul975
API & Backend Listed

api-discovery

Hidden API discovery and intelligence tool. Detects internal APIs, REST/GraphQL endpoints, WebSocket connections, and authentication patterns on any website. Useful for competitive intelligence, integration building, and understanding how SPA applications work under the hood. Triggers on: hidden API, discover APIs, endpoint, SPA, intercept, XHR, fetch requests, websocket, internal API, reverse engineer API, API patterns, API endpoints, API mapping.

2 Updated 3 days ago
ceoimperiumprojects
AI & Automation Featured

scanning-api-security

Detect API security vulnerabilities including injection, broken auth, and data exposure. Use when scanning APIs for security vulnerabilities. Trigger with phrases like "scan API security", "check for vulnerabilities", or "audit API security".

2,274 Updated today
jeremylongshore
API & Backend Listed

api-surface

Maps the entire API surface of a codebase -- route definitions, middleware chains, auth requirements, request/response types, deprecated endpoints, orphaned endpoints, and cross-endpoint inconsistencies. USE THIS SKILL WHEN: - You need a complete inventory of all API endpoints in a project - Someone asks "what endpoints do we have?" or "what does our API look like?" - You are onboarding to a new backend codebase and need to understand its API - You need to find orphaned, undocumented, or deprecated endpoints - Someone asks about API inconsistencies (different response shapes, auth gaps) - You are preparing for an API review, documentation sprint, or versioning migration - You need to understand endpoint dependencies before refactoring - A project has no OpenAPI spec and you need to generate one from code - You suspect there are endpoints without authentication or rate limiting TRIGGER PHRASES: "API surface", "list all endpoints", "API inventory", "endpoint map", "orphaned endpoints", "API inconsistencies", "u

4 Updated yesterday
tinh2
API & Backend Listed

route-scanning

Scan Express.js source files to discover all API route definitions.

748 Updated 2 days ago
huangjia2019