Summary
Shannon runs autonomous penetration tests against web apps by analyzing your source code and executing real exploits to prove vulnerabilities exist. It's Docker-based, covers OWASP Top 10 (injection, XSS, SSRF, broken auth), and claims a 96% exploit success rate on the XBOW benchmark. You point it at a local or staging environment with the corresponding source code, and it spends about 90 minutes finding and exploiting attack vectors. The skill handles the orchestration: cloning the repo, setting up configs for authenticated flows, and parsing reports. This is actual offensive security testing, not static analysis, so the obvious warning applies: only run it against systems you own or have written authorization to test.
Install to Claude Code
npx -y skills add unicodeveloper/shannon --skill shannon --agent claude-codeInstalls into .claude/skills of the current project.
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →
Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →Files
SKILL.md
Select a file.
Featured
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →An agent that runs the SEO playbooks that move rankings and ships PRs you control.
Get founding access →Connect Claude to +800M contacts, +150M companies. Find & Enrich leads in chat.
Try For Free →First SeenApr 16, 2026
