Workflow summary
Combines static checks and manual review to enforce auth, validation, and data-handling controls in endpoint implementations.
- Version
- 0.1.0
- Updated
- Apr 22, 2026
- Reliability
- high
- Risk
- high
Secure Endpoint Review Documentation
Runtime-generated docs from the validated registry. Use this page as the in-app skill reference while external source repositories are still being finalized.
Verification and assets
- static analysis
- manual review required
Included files
- scripts/scan_fastapi_route.py (script) - Performs basic static scans for missing auth and weak validation.
- references/review-template.md (reference) - Standardized security review output template.
- references/owasp-mapping.md (reference) - Maps common endpoint flaws to OWASP risk categories.
- references/secure-defaults-checklist.md (reference) - Operational secure-default checklist for endpoint reviews.
Inputs
- endpoint_code (code) - Handler and middleware code for reviewed endpoint.
- auth_policy (markdown) - Role and permission requirements for endpoint access.
Outputs
- security_findings (markdown) - Severity-ranked findings and remediation guidance.
- secure_patch (diff) - Patch implementing required security changes.
Source metadata
Declared source URL in registry:
https://github.com/SHREYAS290601/ars.flow-skills/tree/main/skills/secure-endpoint-review