fuzzing-apis_skill
- Python
1.4k
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill jeremylongshore/claude-code-plugins-plus-skills --skill fuzzing-apis- SKILL.md3.5 KB
Overview
This skill configures and runs API fuzzing to discover edge cases, crashes, and security vulnerabilities. It guides environment preparation, test execution, result analysis, and report generation. Use it to automate fuzz test runs and capture actionable findings for developers and security teams.
How this skill works
The skill inspects test configuration files, validates prerequisites, and initializes the chosen fuzzing framework. It runs fuzz campaigns via scripted commands, streams execution logs and metrics, and collects raw outputs. After execution it parses results to identify failures, patterns, and performance regressions and generates a structured test report in the test-reports directory.
When to use it
- Before release to discover unexpected edge cases and crashes
- During security reviews to surface input-handling vulnerabilities
- When hardening public APIs after schema or dependency changes
- To validate resilience after infrastructure or configuration updates
- As part of nightly or CI fuzzing jobs to track regressions
Best practices
- Run fuzzing in an isolated test environment with resource quotas
- Prepare representative fixtures and seed inputs to improve coverage
- Set sensible timeouts and parallelism limits to avoid resource exhaustion
- Capture full logs, stack traces, and network traces for failing cases
- Automate result parsing and include reproducible minimal test cases in reports
Example use cases
- Fuzz a REST endpoint after a schema change to find crash-inducing payloads
- Run long-running mutation fuzzing nightly to detect regressions over time
- Integrate fuzz campaigns into CI for high-risk endpoints
- Stress-test binary parsers or file-upload handlers to uncover memory errors
- Generate prioritized vulnerability tickets with reproducer payloads for developers
FAQ
Have a configured test environment, installed fuzzing tools, prepared test data, and permissions for execution; ensure network access if testing external services.
How do I handle tests that time out or exhaust resources?
Increase per-test timeouts, optimize slow cases, reduce parallel workers, or increase resource quotas; also consider targeted seeds to reduce run length.