Abstract: In the process of digital transformation, API becomes more common in application architecture due to information flow and connection between various programs, applications and systems. As a bridge between applications and between applications and users, API bears the business logic of enterprises and a large number of sensitive data. They are growing explosively in the digital age. The exploration of API security has become an unavoidable topic. In this paper, an API risk detection model (MO_BLA) is designed. Taking advantage of the low false alarm rate of ModSecurity rule set for risk APIs, the deep learning model was integrated and attention mechanism was introduced to improve the accuracy of API risk detection. The experimental results show that the proposed method has obvious advantages in API risk detection, and its recognition accuracy can reach 97.50%.