42crunch-api-security-testing
Automate API security directly in Claude Code with 42Crunch - automatically audit OpenAPI specs, detect vulnerabilities aligned with OWASP API Security risks (including BOLA/BFLA), and apply AI-powered fixes. Designed for AI-assisted development workflows, it provides continuous guardrails through an audit->scan->remediate->validate loop, ensuring APIs meet enterprise security standards before deployment.
Summary
- This skill integrates 42Crunch API security testing directly into Claude Code, enabling automated auditing of OpenAPI specifications, detection of OWASP API Security vulnerabilities like BOLA and BFLA, and AI-powered fixes.
- It provides a continuous audit-scan-remediate-validate loop to ensure APIs meet enterprise security standards before deployment.
Install & Usage
/plugin marketplace add <org/repo>
Add the configuration to /plugin install 42crunch-api-security-testing@<marketplace>
/plugin
Use Cases
Usage Examples
/42crunch-api-security-testing audit my-api.yaml
Scan the OpenAPI spec at ./openapi/spec.yaml for OWASP vulnerabilities and suggest fixes.
Validate the security of the API spec after applying the recommended remediations.
Security Audits
Frequently Asked Questions
What is 42crunch-api-security-testing?
This skill integrates 42Crunch API security testing directly into Claude Code, enabling automated auditing of OpenAPI specifications, detection of OWASP API Security vulnerabilities like BOLA and BFLA, and AI-powered fixes. It provides a continuous audit-scan-remediate-validate loop to ensure APIs meet enterprise security standards before deployment.
How to install 42crunch-api-security-testing?
To install 42crunch-api-security-testing, add a marketplace (/plugin marketplace add <org/repo>), then add the config to /plugin install 42crunch-api-security-testing@<marketplace>. Finally, run /plugin in Claude Code.
What is 42crunch-api-security-testing best for?
42crunch-api-security-testing is a plugin categorized under General. It is designed for: security, testing, deployment, api, design. Created by 42Crunch.
What can I use 42crunch-api-security-testing for?
42crunch-api-security-testing is useful for:
- Audit an OpenAPI spec for security vulnerabilities before deploying a new API endpoint.
- Scan an existing API for OWASP Top 10 risks including broken object level authorization (BOLA).
- Automatically fix detected security issues in your OpenAPI specification using AI suggestions.
- Validate that remediated API specs pass security checks as part of a CI/CD pipeline.
- Integrate continuous API security testing into your AI-assisted development workflow.
- Generate a security report for an API to share with your team or compliance auditors.