Summary
This is a structured penetration testing workflow that follows the PTES methodology across seven phases, from scoping to exploitation to reporting. It enforces a strict "no exploit, no report" policy, meaning every finding needs a working proof of concept or it gets dropped. The output is a scored report (0-100 scale) with CVSS ratings and specific remediation steps. Honestly, the real value here is the forcing function: it delegates to specialist skills for SAST, mobile reversing, and logic flaws, then consolidates everything into audit-grade documentation. You'd use this when you need to produce evidence-backed security findings rather than just scanner output, though you'll need explicit authorization before running it against any target.
Install to Claude Code
npx -y skills add hoangnguyen0403/agent-skills-standard --skill pentest --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →First SeenJun 11, 2026
