Back to Details

competition-graphql-rpc-drift

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Competition Graphql Rpc Drift

竞赛场景GraphQL RPC漂移检测

Use this skill only as a downstream specialization after 
$ctf-sandbox-orchestrator
is already active and has established sandbox assumptions, node ownership, and evidence priorities. If that has not happened yet, return to 
$ctf-sandbox-orchestrator
first.
Use this skill when the hard part is matching declared contracts with live handlers to find hidden, stale, or privileged operations.
Reply in Simplified Chinese unless the user explicitly requests English.
仅可在
$ctf-sandbox-orchestrator
已处于激活状态,且已经完成沙箱假设设定、节点归属确认和证据优先级划分后,作为下游专项技能使用。如果尚未完成上述步骤,请先返回
$ctf-sandbox-orchestrator
流程。
当核心需求是匹配声明的契约与线上处理程序,以查找隐藏、过期或特权操作时使用本技能。
除非用户明确要求使用英文,否则请使用简体中文回复。

Quick Start

快速开始

  1. Collect the declared contract surface first: schema, manifest, generated client, persisted query map, or OpenAPI spec.
  2. Record actual request shapes, operation names, variables, method, path, and auth context before mutating anything.
  3. Compare declared contract, generated client behavior, and live handler behavior side by side.
  4. Preserve one accepted operation and one drifted or hidden operation with the smallest delta.
  5. Reproduce the smallest contract-to-handler mismatch that proves the decisive branch.
  1. 首先收集声明的契约暴露面:schema、清单、生成的客户端、持久化查询映射表或者OpenAPI规范。
  2. 在修改任何内容前,先记录实际请求的结构、操作名、变量、方法、路径和鉴权上下文。
  3. 并排对比声明的契约、生成的客户端行为和线上处理程序的行为。
  4. 留存一个可正常接受的操作,以及一个差异最小的漂移/隐藏操作。
  5. 复现能够证明决定性分支的最小化契约-处理程序不匹配问题。

Workflow

工作流

1. Map The Declared Contract Surface

1. 梳理声明的契约暴露面

  • Record GraphQL schema, introspection output, persisted query ids, RPC manifests, generated clients, or OpenAPI documents that define the intended surface.
  • Note versioned endpoints, client-only guards, hidden enums, optional fields, and operation naming conventions.
  • Keep document source and generation path tied to the observed requests.
  • 记录定义了预期暴露面的GraphQL schema、自检输出、持久化查询ID、RPC清单、生成的客户端或者OpenAPI文档。
  • 标记带版本的端点、仅客户端生效的防护规则、隐藏枚举值、可选字段和操作命名规范。
  • 将文档来源和生成路径与观测到的请求关联留存。

2. Prove Live Handler Behavior

2. 验证线上处理程序行为

  • Capture the real request and response pairs, including operation name, variables, headers, cookies, and status.
  • Compare client-side validation, schema expectations, and live handler normalization or fallback behavior.
  • Record hidden operations, stale fields, undocumented methods, or handler-only branches that still execute.
  • 捕获真实的请求响应对,包括操作名、变量、请求头、Cookie和状态码。
  • 对比客户端侧校验、schema预期行为和线上处理程序的归一化/降级行为。
  • 记录仍然能够执行的隐藏操作、过期字段、未文档化方法或者仅处理程序侧存在的分支。

3. Reduce To The Decisive Drift Path

3. 提炼决定性漂移路径

  • Compress the result to the smallest sequence: declared contract -> actual request -> handler branch -> resulting capability.
  • State clearly whether the decisive drift lives in generated client assumptions, persisted query mapping, schema version skew, RPC manifest mismatch, or handler-side hidden logic.
  • If the task shifts into generic JWT, OAuth, or queue behavior after acceptance, hand off to the tighter specialized skill.
  • 将结果压缩为最小序列:声明的契约 -> 实际请求 -> 处理程序分支 -> 最终获得的权限。
  • 明确说明决定性漂移的来源:是生成的客户端假设问题、持久化查询映射问题、schema版本偏差、RPC清单不匹配还是处理程序侧的隐藏逻辑。
  • 如果任务在需求确认后转向通用JWT、OAuth或者队列行为,将任务转交给更适配的专项技能处理。

Read This Reference

参考文档

  • Load 
    references/graphql-rpc-drift.md
    for the contract checklist, live-handler checklist, and evidence packaging.
  • 加载
    references/graphql-rpc-drift.md
    获取契约检查清单、线上处理程序检查清单和证据打包规范。

What To Preserve

需要留存的内容

  • Schemas, manifests, generated clients, persisted query ids, operation names, and version markers
  • One accepted and one drifted request pair that proves the mismatch
  • One minimal contract-to-handler sequence that reaches the decisive effect
  • Schemas、清单、生成的客户端、持久化查询ID、操作名和版本标记
  • 一组能够证明不匹配问题的正常请求和漂移请求响应对
  • 一个能够触发决定性效果的最小化契约-处理程序执行序列