OpenSkillIndex← back to search
claude-codesecurity

Claude-skill-registry detecting-logic-bypass

Detects logic bypass vulnerabilities including authentication bypass, authorization bypass, and business logic flaws. Use when analyzing authentication mechanisms, access controls, or investigating security control bypasses.

install
source · Clone the upstream repo
git clone https://github.com/majiayu000/claude-skill-registry
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/majiayu000/claude-skill-registry "$T" && mkdir -p ~/.claude/skills && cp -r "$T/skills/data/detecting-logic-bypass" ~/.claude/skills/majiayu000-claude-skill-registry-detecting-logic-bypass && rm -rf "$T"
manifest: skills/data/detecting-logic-bypass/SKILL.md
tags
#security-analysis#vulnerability-detection#logic-bypass#authentication#authorization#business-logic
source content

Logic Bypass Detection

Detection Workflow

  1. Identify security controls: Find authentication mechanisms, authorization checks, validation functions, business logic rules
  2. Trace control flow: Use 
    xrefs_to
    to trace paths, identify bypass opportunities, check for missing checks
  3. Check validation logic: Review validation functions, test bypass scenarios, assess validation completeness
  4. Assess bypass impact: What security control is bypassed? What's the business impact? How severe is the bypass?

Key Patterns

  • Authentication bypass: weak password checks, session token weaknesses, timing attacks
  • Authorization bypass: missing permission checks, insecure direct object references, privilege escalation
  • Input validation bypass: blacklist-based validation, insufficient sanitization, regex bypass
  • Business logic bypass: race conditions, state manipulation, transaction abuse

Output Format

Report with: id, type, subtype, severity, confidence, location, vulnerability, security control, bypass method, attack scenario, bypass steps, exploitability, impact, mitigation.

Severity Guidelines

  • CRITICAL: Complete bypass of primary security control
  • HIGH: Bypass of important security control
  • MEDIUM: Partial bypass or edge case bypass
  • LOW: Limited bypass with minor impact

See Also

  • patterns.md
    - Detailed detection patterns and exploitation scenarios
  • examples.md
    - Example analysis cases and code samples
  • references.md
    - CWE references and mitigation strategies