Probe a target for accidentally-public admin / debug / introspection endpoints — Spring Boot Actuator, Apache server-status, Prometheus metrics, GraphQL playground, Swagger UI, phpMyAdmin, JMX-over-HTTP (Jolokia), Elasticsearch _cat, Kibana / Grafana / Eureka / Consul panels. Use when: post-deploy verification, security audit before SOC2, inheriting a system you didn't build, or a bug bounty hints at an exposed introspection panel. Threshold: any of the canonical 40+ admin/debug paths returns 200, 302 to a login, or framework-specific JSON shape (e.g., Actuator returning a _links object, server-status HTML body containing the Apache Server Status title). Trigger with: "check debug endpoints", "actuator exposure", "admin panel scan", "graphql playground check".
About this skill (catalog notes)
Detecting Debug Endpoints includes a dedicated installation section; worked examples; 6 code blocks for direct copy-paste. The SKILL.md runs to about 951 words, in the catalog's typical mid-range.
Detecting Debug Endpoints sits in the Engineering category under the frontend sub-topic in the ClaudSkills catalog. There are 10 related skills indexed alongside it; comparing a few before installing usually reveals which fits your workflow best.
These notes are auto-generated from features detected in the SKILL.md file and from this catalog's structure — they aren't part of the source repository.
What this skill does
Detecting Debug Endpoints is a community-contributed Claude Code skill in the frontend sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/detecting-debug-endpoints/ and loads when your prompt matches the skill's trigger.
When to invoke it: Use when: post-deploy verification, security audit before SOC2, inheriting a system you didn't build, or a bug bounty hints at an exposed introspection panel. Threshold: any of the canonical 40+ admin/debug paths returns 200, 302 to a login, or framework-specific JSON shape (e.
Who uses this skill
The Detecting Debug Endpoints Claude Code skill is built for software engineers, backend developers, full-stack teams, and technical leads building and maintaining production systems. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 92,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).
Or just download SKILL.md directly and drop it into ~/.claude/skills/detecting-debug-endpoints/. Claude Code auto-discovers it on next session.
Skills live at ~/.claude/skills/detecting-debug-endpoints/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\detecting-debug-endpoints\SKILL.md on Windows. See the full install guide for step-by-step instructions.
Pro
One-click install via the desktop app
The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.
Pro
For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.
How do I install the Detecting Debug Endpoints Claude Code skill?
Install via the ClaudSkills desktop app (one click) or copy SKILL.md from the source repository to ~/.claude/skills/detecting-debug-endpoints/SKILL.md and restart Claude Code. Both flows are detailed at claudskills.com/install/.
What does the Detecting Debug Endpoints skill do?
Probe a target for accidentally-public admin / debug / introspection endpoints — Spring Boot Actuator, Apache server-status, Prometheus metrics, GraphQL playground, Swagger UI, phpMyAdmin, JMX-over-HTTP (Jolokia), Elasticsearch _cat, Kibana / Grafana / Eureka / Consul panels. Use when: post-deploy verification, security audit before SOC2, inheriting a system you didn't build, or a bug bounty hints at an exposed introspection panel. Threshold: any of the canonical 40+ admin/debug paths returns 200, 302 to a login, or framework-specific JSON shape (e.g., Actuator returning a _links object, server-status HTML body containing the Apache Server Status title). Trigger with: "check debug endpoints", "actuator exposure", "admin panel scan", "graphql playground check".
Is this skill free to install?
Yes. ClaudSkills is an open registry — every skill keeps its source repository's license, and manual install via copy is free. ClaudSkills Pro ($9/mo, $79/yr, or $149 one-time) adds one-click install via the desktop app and a multi-signal Quality Score.
When should I use the Detecting Debug Endpoints skill?
Use Detecting Debug Endpoints when your Claude Code task falls under the Engineering category — specifically in the frontend area. Claude Code auto-discovers installed skills and invokes the right one based on the task description, so you can also ask Claude directly (e.g. "use Detecting Debug Endpoints" or describe the task and let Claude pick). Browse related skills at /category/engineering/.
What is a Claude Code skill and how does the Detecting Debug Endpoints skill fit in?
A Claude Code skill is a SKILL.md file that lives under ~/.claude/skills/<name>/ and tells the Claude Code CLI agent how to perform a specific task (instructions, prompts, allowed tools). Skills are auto-discovered at session start. Detecting Debug Endpoints is one of 67,000+ skills indexed in the open ClaudSkills catalog, classified under the Engineering category. Learn more at /learn/what-is-a-claude-skill/.
Promote, attribute, or link this skill from your own README, blog post, or documentation. All three snippets are free to use — no sign-up, no API key. More distribution surfaces →
Claude™ is a trademark of Anthropic PBC. ClaudSkills (also referred to as Claude Skills or Claude Code Skills Catalog) is an independent community-curated registry of SKILL.md files, not affiliated with, endorsed by, or sponsored by Anthropic.
Install ClaudSkills — browse 70k+ skills offline, one tap from your home screen.