陌讯skills聚合平台

pentest-evidence-structuring-report-synthesis

📁 crtvrffnrt/skills 📅 7 days ago
9
总安装量
9
周安装量
#33049
全站排名
安装命令
npx skills add https://github.com/crtvrffnrt/skills --skill pentest-evidence-structuring-report-synthesis

Agent 安装分布

gemini-cli 9
amp 7
github-copilot 7
codex 7
kimi-cli 7
opencode 7

Skill 文档

Evidence Structuring & Report Synthesis

Activation Triggers (Positive)

  • write report
  • consolidate findings
  • severity
  • remediation
  • executive summary
  • evidence table
  • final deliverable

Exclusion Triggers (Negative)

  • run exploit
  • perform recon
  • fuzz inputs
  • live validation

Output Schema

  • Confirmed findings table: id, title, severity, confidence, impact
  • Evidence map: finding id to reproducible proof artifacts
  • Remediation plan: prioritized fixes with verification guidance

Instructions

  1. Separate confirmed findings from hypotheses and informational observations.
  2. Deduplicate by root cause and attacker capability, not by endpoint count alone.
  3. Assign severity from demonstrated impact and exploitability evidence.
  4. Keep technical evidence concise, reproducible, and traceable.
  5. Produce both technical and executive views from the same canonical evidence.
  6. Mark open questions and explicitly state what remains unverified.

Should Do

  • Preserve factual precision and reproducibility in every finding.
  • Keep structure stable for machine parsing and downstream tracking.
  • Tie remediation to the broken control and observed exploit path.

Should Not Do

  • Do not inflate severity without demonstrated impact.
  • Do not merge unrelated root causes into a single finding.
  • Do not hide uncertainty; mark assumptions explicitly.
GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台
本页面由 陌讯 Skills 聚合平台 收录整理,数据定期更新。