Marketplace
Find the right skill for the job.
Browse the full catalog through outcome-first channels, technical facets, rating filters, and server-side pagination built for a large public marketplace.
Windows Privilege Escalation
This skill should be used when the user asks to "escalate privileges on Windows," "find Windows privesc vectors," "enumerate Windows for privilege escalation," "exploit Windows misconfigurations," or "perform post-exploitation privilege escalation." It provides comprehensive guidance for discovering and exploiting privilege escalation vulnerabilities in Windows environments.
Network 101
This skill should be used when the user asks to "set up a web server", "configure HTTP or HTTPS", "perform SNMP enumeration", "configure SMB shares", "test network services", or needs guidance on configuring and testing network services for penetration testing labs.
Shodan Reconnaissance and Pentesting
This skill should be used when the user asks to "search for exposed devices on the internet," "perform Shodan reconnaissance," "find vulnerable services using Shodan," "scan IP ranges with Shodan," or "discover IoT devices and open ports." It provides comprehensive guidance for using Shodan's search engine, CLI, and API for penetration testing reconnaissance.
SSH Penetration Testing
This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
Pentest Commands
This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "scan web vulnerabilities with nikto", "enumerate networks", or needs essential penetration testing command references.
Cross-Site Scripting and HTML Injection Testing
This skill should be used when the user asks to "test for XSS vulnerabilities", "perform cross-site scripting attacks", "identify HTML injection flaws", "exploit client-side injection vulnerabilities", "steal cookies via XSS", or "bypass content security policies". It provides comprehensive techniques for detecting, exploiting, and understanding XSS and HTML injection attack vectors in web applications.
Pentest Checklist
This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.
search-tools
Search Tool Hierarchy
commit
Create git commits with user approval and no Claude attribution
dead-code
Find unused functions and dead code in the codebase
background-agent-pings
Background Agent Pings
debug
Debug issues by investigating logs, database state, and git history
review
Comprehensive code review workflow - parallel specialized reviews → synthesis
workflow-router
Goal-based workflow orchestration - routes tasks to specialist agents based on user goals
system-overview
Show users how Continuous Claude works - the opinionated setup with hooks, memory, and coordination
research-agent
Research agent for external documentation, best practices, and library APIs via MCP tools
rudin-real-complex-analysis
Problem-solving with Rudin's Real and Complex Analysis textbook
math-intuition-builder
Develops mathematical understanding through examples, visualization, and analogy
research
Document codebase as-is with thoughts directory for historical context
numerical-integration
Problem-solving strategies for numerical integration in numerical methods
graph-algorithms
Problem-solving strategies for graph algorithms in graph number theory
onboard
Analyze brownfield codebase and create initial continuity ledger
recall
Imported from https://github.com/parcadei/Continuous-Claude-v3.
trace-claude-code
Automatically trace Claude Code conversations to Braintrust for observability. Captures sessions, conversation turns, and tool calls as hierarchical traces.