Apply Open Worldwide Application Security Project (OWASP) API rules to your OpenAPI specification using vacuum. Learn more about OWASP.
These rules were written by Ricardo Graça.
vacuum supports OWASP API rules out of the box!
To use them, you will need to create a ruleset that extends the
Create a new file (something like owasp-rules.yaml) and add the following YAML to it:
extends: [[spectral:oas, recommended], [vacuum:owasp, all]]
Get ready to be told about all the things you are doing wrong!
What you see may hurt, but it’s for the good of the API.
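The steps above as an added example (not from the vacuum documentation or the rules' author): a shell script that writes the ruleset from this page next to a constructed OpenAPI file using HTTP Basic auth on a plain-http server, then lints it with `vacuum lint -r`. The function names, directory argument and sample spec are assumptions; which findings are reported depends on the vacuum version installed.

```shell
# Write the ruleset from this page and a constructed sample spec into "$1".
setup_owasp_lint() {
  dir="$1"
  mkdir -p "$dir" || return 1
  # Ruleset exactly as given on this page.
  cat > "$dir/owasp-rules.yaml" <<'EOF'
extends: [[spectral:oas, recommended], [vacuum:owasp, all]]
EOF
  # Constructed sample spec (not a real API): Basic auth, http:// server,
  # numeric path id. Chosen to give the OWASP rules something to look at.
  cat > "$dir/sample-openapi.yaml" <<'EOF'
openapi: 3.0.3
info:
  title: Constructed sample API
  version: 1.0.0
servers:
  - url: http://api.example.com
paths:
  /users/{id}:
    get:
      operationId: getUser
      security:
        - basicAuth: []
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: integer
      responses:
        "200":
          description: OK
components:
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic
EOF
}

# Lint the sample spec with the OWASP ruleset; returns 127 if vacuum is absent.
run_owasp_lint() {
  dir="$1"
  if ! command -v vacuum >/dev/null 2>&1; then
    echo "vacuum not found on PATH; files are in $dir" >&2
    return 127
  fi
  # -r selects the ruleset file, -d prints detailed results.
  vacuum lint -d -r "$dir/owasp-rules.yaml" "$dir/sample-openapi.yaml"
}
# Usage: setup_owasp_lint ./owasp-demo && run_owasp_lint ./owasp-demo
```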