Hack

This is a router skill for bug bounty and web security testing that helps you figure out what to look at first instead of spraying random payloads. It triages targets by observable behavior (input reflection, file uploads, API endpoints, auth flows) and routes you to the right specialized skill from a collection covering XSS, SQLi, SSRF, IDOR, JWT attacks, business logic flaws, and about 20 other categories. The routing table is surprisingly practical, linking things like controllable filenames to path traversal or MongoDB syntax exposure to NoSQL injection. Use it when you have a new target and need a methodical starting point, or when you want the AI to stop missing boundary conditions that matter in real engagements.