API Security Router This is the routing entry point for API security testing. Use this skill first to decide whether the API issue is mostly recon/docs, object authorization, token trust, or GraphQL/hidden parameters, then route to a deeper topic skill. When to Use - The target exposes REST APIs, mobile backends, or GraphQL endpoints - You need to define API testing order before going into specific topics - You want to handle object authorization, JWT, GraphQL, and hidden fields as separate tracks Skill Map - API Recon and Docs: OpenAPI, Swagger, version drift, hidden documentation - API Auth…