From patchman
Review an authorized application for business-logic vulnerabilities, workflow abuse, approval bypasses, replay conditions, quota circumvention, plan enforcement bugs, and state-transition errors. Use for billing, invites, approvals, refunds, admin actions, and multi-step workflows.
How this skill is triggered — by the user, by Claude, or both
Slash command
/patchman:business-logic-review
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
- state machine gaps
npx claudepluginhub muhammedzohaib/patchman --plugin patchman
Identifies business logic vulnerabilities during whitebox pentesting, analyzing workflows, trust boundaries, state machines, authorization bypasses, and multi-step processes.
Identifies business logic flaws in web apps allowing price manipulation, workflow bypass, and privilege escalation during authorized penetration tests beyond automated scanners.
Identifies business logic flaws like price manipulation, workflow bypass, and privilege escalation during penetration tests. Use when automated scanners miss logic-based vulnerabilities.