exploiting-excessive-data-exposure-in-api
•published 2026/03/13
Tests APIs for excessive data exposure where endpoints return more data than the client application needs, relying on the frontend to filter sensitive fields. The tester intercepts API responses and analyzes them for leaked PII, internal identifiers, debug information, or sensitive business data that the UI does not display but the API transmits. This maps to OWASP API3:2023 Broken Object Property Level Authorization. Activates for requests involving API data leakage testing, excessive data exposure, response filtering bypass, or API over-fetching.
📦 Install Skill
Command line install
Install directly with the `skills` CLI.
npx skills add mukul975/Anthropic-Cybersecurity-Skills/skills/exploiting-excessive-data-exposure-in-apiLocal download
Download only this skill directory.
Download exploiting-excessive-data-exposure-in-api onlyFile Explorer
No file selected
Select a file to view its content

