This is your entry point when you land on a new security target and need to figure out what you're actually dealing with before throwing payloads at it. It walks you through scoping assets, fingerprinting tech stacks, building endpoint inventories, and then routes you to the right testing methodology based on what you find. Think of it as the "look before you leap" skill that keeps you from wasting time on random enumeration. It explicitly links out to follow-up skills for API testing, auth issues, injection checks, and business logic flaws, plus has built-in checks for exposed SCM directories and dependency confusion vectors. Basically prevents you from starting penetration testing like a headless chicken.
npx skills add https://github.com/yaklang/hack-skills --skill recon-for-sec