Detects high-risk OAuth app consent grants in Azure AD/Entra ID using Microsoft Graph API, audit logs, and permission analysis to identify illicit consent attacks.
Slash command: /cybersecurity-skills-zh:detecting-suspicious-oauth-application-consent
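An illicit consent grant attack tricks users into granting excessive permissions to a malicious OAuth application in Azure AD / Microsoft Entra ID. This skill uses the Microsoft Graph API to enumerate OAuth2 permission grants, analyzes whether application permissions are overly broad in scope, reviews the directory audit logs for consent events, and flags high-risk applications based on publisher verification status and permission scope.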
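The flagging step described above, sketched as an added example that is not the skill's own code. It scores records shaped like Graph oauth2PermissionGrant and servicePrincipal resources; the HIGH_RISK_SCOPES list, the weights, the threshold and the sample records are assumptions constructed for illustration.

```python
# Added example; scope list, weights and threshold are illustrative assumptions.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send", "MailboxSettings.ReadWrite",
    "Files.Read.All", "Files.ReadWrite.All", "Directory.ReadWrite.All",
}

def score_grant(grant, service_principals):
    """Return (score, reasons) for one delegated permission grant."""
    sp = service_principals.get(grant["clientId"], {})
    # 'scope' is a space-separated string of delegated permission names.
    scopes = set((grant.get("scope") or "").split())
    score, reasons = 0, []
    risky = sorted(scopes & HIGH_RISK_SCOPES)
    if risky:
        score += 2 * len(risky)
        reasons.append("broad scopes: " + ", ".join(risky))
    if "offline_access" in scopes and risky:
        score += 1
        reasons.append("offline_access keeps access alive via refresh tokens")
    # A missing or empty verifiedPublisher means the publisher is unverified.
    if not (sp.get("verifiedPublisher") or {}).get("verifiedPublisherId"):
        score += 2
        reasons.append("publisher not verified")
    if grant.get("consentType") == "AllPrincipals" and risky:
        score += 2
        reasons.append("tenant-wide (admin) consent")
    return score, reasons

def flag_high_risk(grants, service_principals, threshold=5):
    """Return flagged apps sorted by descending score."""
    flagged = []
    for g in grants:
        score, reasons = score_grant(g, service_principals)
        if score >= threshold:
            name = service_principals.get(g["clientId"], {}).get("displayName", g["clientId"])
            flagged.append({"app": name, "score": score, "reasons": reasons})
    return sorted(flagged, key=lambda f: -f["score"])

# Constructed sample data shaped like /oauth2PermissionGrants and /servicePrincipals.
SAMPLE_SPS = {
    "sp-1": {"displayName": "Contoso Timesheets", "verifiedPublisher": {"verifiedPublisherId": "constructed-id"}},
    "sp-2": {"displayName": "Doc Viewer Pro", "verifiedPublisher": {}},
}
SAMPLE_GRANTS = [
    {"clientId": "sp-1", "consentType": "AllPrincipals", "scope": "User.Read openid profile"},
    {"clientId": "sp-2", "consentType": "Principal", "scope": "Mail.Read Files.ReadWrite.All offline_access"},
]
if __name__ == "__main__":
    print(*flag_high_risk(SAMPLE_GRANTS, SAMPLE_SPS), sep="\n")
```

Only the unverified app holding mail and file scopes is flagged; the verified app with sign-in scopes scores zero even though its consent is tenant-wide.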
Microsoft Graph API access with the Application.Read.All, AuditLog.Read.All and Directory.Read.All permissions
msal, requests
/oauth2PermissionGrants: enumerate all OAuth2 permission grants
Directory audit logs for Consent to application events
npx claudepluginhub killvxk/cybersecurity-skills-zh
Detects illicit OAuth consent grants in Azure AD/Entra ID via Microsoft Graph API, audit logs, and permission analysis. Flags risky apps for security incident response and threat hunting.
Detects risky OAuth application consent grants in Azure AD/Entra ID using Microsoft Graph API, audit logs, and permission analysis to identify illicit consent attacks. For SOC analysts and threat hunting.
Detects risky OAuth application consent grants in Azure AD / Microsoft Entra ID using Microsoft Graph API, audit logs, and permission analysis to identify illicit consent grant attacks.