← Back to Skills Marketplace

S³ Pentest Commands

Name: S³ Pentest Commands
Author: solomonneas

by Solomon Neas · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

317

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install s3-pentest-commands

Description

This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "s...

Usage Guidance

This skill is a coherent and complete command reference for penetration testing tools, but it contains ready-to-run exploit and password-cracking commands. Only install or use it if you: (1) have explicit authorization to test the target systems, (2) understand legal/ethical implications, and (3) run the agent in an isolated/test environment. Consider disabling autonomous invocation or requiring explicit user confirmation before running any commands, and ensure audit/logging and network isolation are in place so the agent cannot accidentally execute these commands against production or unauthorized targets.

Capability Analysis

Type: OpenClaw Skill Name: s3-pentest-commands Version: 1.0.0 The skill bundle 's3-pentest-commands' (SKILL.md) serves as a comprehensive reference guide for common penetration testing tools, including Nmap, Metasploit, Nikto, SQLMap, and Hydra. It provides well-documented command-line examples for network enumeration, vulnerability scanning, and exploitation, all of which are strictly aligned with the stated purpose of providing a pentest command reference. There is no evidence of malicious intent, data exfiltration, obfuscation, or prompt injection designed to subvert the agent's behavior.

Capability Assessment

✓ Purpose & Capability

Name and description match the SKILL.md: it's a command reference for penetration testing tools (nmap, metasploit, nikto, sqlmap, etc.). No unrelated binaries, env vars, or installs are requested, so required/declared resources are proportionate to a documentation/reference skill.

⚠ Instruction Scope

The instructions include explicit, ready-to-run commands for scanning, exploitation, payload generation, brute forcing, and privilege escalation (e.g., msfconsole exploit sequences, msfvenom payloads, brute-force examples). While these are consistent with the stated purpose, they are highly actionable and dangerous if run against unauthorized targets. The SKILL.md does not instruct the agent to read unrelated files or env vars, but it does assume use of local wordlists and network access.

✓ Install Mechanism

Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written to disk by the skill itself.

✓ Credentials

The skill requests no environment variables, credentials, or config paths. That is proportionate for a reference document; it does reference expected prerequisites (Kali, wordlists, network access), which are reasonable for pentesting guidance.

ℹ Persistence & Privilege

always:false (normal) and model invocation is enabled (default). Because the skill contains explicit exploit commands, autonomous invocation combined with an agent that has network access and pentesting tools installed increases risk—this is not a flaw in the skill itself but an operational risk to consider.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install s3-pentest-commands
After installation, invoke the skill by name or use /s3-pentest-commands
Provide required inputs per the skill's parameter spec and get structured output

Version History

v1.0.0

Initial release of Pentest Commands skill, providing essential penetration testing command references. - Includes command examples for Nmap, Metasploit, Nikto, SQLMap, Hydra, John the Ripper, and Aircrack-ng. - Covers host discovery, port and vulnerability scanning, exploitation, brute force, password cracking, and web application testing. - Designed for security assessments with clear prerequisites and expected outputs. - Organized workflow for quick command lookup during pentesting activities.

Metadata

Slug s3-pentest-commands

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is S³ Pentest Commands?

This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "s... It is an AI Agent Skill for Claude Code / OpenClaw, with 317 downloads so far.

How do I install S³ Pentest Commands?

Run "/install s3-pentest-commands" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is S³ Pentest Commands free?

Yes, S³ Pentest Commands is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does S³ Pentest Commands support?

S³ Pentest Commands is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created S³ Pentest Commands?

It is built and maintained by Solomon Neas (@solomonneas); the current version is v1.0.0.

More Skills