Skill UI

This skill provides advanced architectural patterns for optimizing high-volume integrations with the Navan API. It addresses common bottlenecks like rate limiting, sequential calls, and naive pagination by implementing robust solutions such as data-type-specific response caching, controlled parallel fetching with concurrency throttling, efficient cursor-based pagination, and HTTP connection reuse. Use this when building scalable, reliable, and high-throughput systems.

Provides advanced debugging techniques for Notion API issues that standard troubleshooting cannot resolve. It covers response ID inspection, tracing complex permission chains, detecting property type mismatches, managing pagination edge cases, and resolving block nesting limits across Notion databases and pages. Essential for robust integration development.

This guide provides a comprehensive reference for diagnosing and fixing common Notion API errors. It covers critical HTTP statuses and specific error codes (such as 401 Unauthorized, 403 Restricted Resource, 404 Object Not Found, 400 Validation Error, and 429 Rate Limited). Use it when debugging failed Notion integrations, managing permissions, or resolving data structure issues for reliable development.

A comprehensive tool for interacting with Notion via its API. It allows users to perform workspace-wide searches, run complex queries against structured databases using compound filters (AND/OR), retrieve specific pages, and deeply traverse and extract all nested block content. Supports pagination for handling large datasets, enabling full data visibility and structured data extraction.

A comprehensive checklist designed for assessing the security posture of GraphQL endpoints. It covers advanced vulnerabilities such as introspection abuse, IDOR, query depth/complexity DoS, injection attacks (SQLi/NoSQLi), and authorization bypass mechanisms. Essential for professional penetration testing and bug bounty hunting.

A comprehensive checklist detailing advanced attack methodologies for JSON Web Tokens (JWT). Covers critical misconfigurations such as algorithm confusion (alg:none, RS256→HS256), weak secret brute forcing, header injection (kid, jku, jwk), cache poisoning, and improper validation. Also provides specific vectors for extracting JWTs from mobile environments (Android/iOS). Ideal for penetration testers conducting deep security assessments on authentication systems.

A comprehensive guide to advanced SQL injection (SQLi) methodologies for offensive security assessments and bug bounty hunting. Covers all major injection types, including error-based, boolean/time-based blind, out-of-band, and second-order injection. Provides specific payloads and techniques for MySQL, MSSQL, PostgreSQL, Oracle, and NoSQL databases, along with methods for bypassing WAFs, exploiting GraphQL, WebSocket, and modern API filters. Includes full automation workflows using tools like sqlmap.

This skill provides a comprehensive checklist and methodology for identifying Server-Side Template Injection (SSTI) vulnerabilities. It covers template engine identification (e.g., Jinja2, Twig), polyglot payload generation, systematic detection methods, and executing engine-specific Remote Code Execution (RCE) payloads. Ideal for security professionals testing web application input sanitization.

This comprehensive checklist details advanced methods for bypassing Web Application Firewalls (WAFs) during security assessments. Techniques covered include encoding bypass (URL, Unicode, double encoding), HTTP header manipulation, IP rotation, payload obfuscation, and fingerprinting specific WAF vendors (e.g., Cloudflare, Akamai). It is essential for penetration testers evaluating the robustness of web defenses.

This comprehensive guide serves as a complete error decoder for the OneNote Graph API. It analyzes major HTTP status codes (400, 403, 404, 429, 500, 502, 507) and provides root cause analysis, diagnostic steps, and code fixes for common issues. It specifically addresses critical failure modes like deprecated authentication methods and silent 200 OK failures, helping developers debug complex API integrations in production.

This skill provides a comprehensive guide and code examples for creating a complete OneNote structure (Notebook, Section, and Page) using the Microsoft Graph API. It specifically addresses the critical technical requirement that OneNote content must follow strict XHTML standards, detailing common HTML pitfalls (such as unclosed tags, unsupported attributes, and merge cell usage) that can lead to silent content corruption during API calls.

Comprehensive guide for setting up delegated authentication for the OneNote Graph API using MSAL. Learn how to register applications in Azure AD, configure precise permission scopes, install SDKs (Python/TypeScript), and implement token caching. This guide specifically addresses the migration from deprecated app-only authentication methods.