Bug Bounty Report Template

by HostileSpider · GitHub ↗ · v1.0.0 · MIT-0
cross-platform · ✓ Security Clean
Downloads: 134 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install bb-report-template
Description
Generate professional bug bounty reports for HackerOne, Bugcrowd, and other platforms. Pre-filled templates with CWE mapping, reproduction steps, and severit...
README (SKILL.md)

Bug Bounty Report Template Generator

Generate professional, platform-ready bug bounty reports. Supports HackerOne, Bugcrowd, and generic formats with automatic CWE mapping and severity assessment.

Quick Start

python3 {baseDir}/scripts/generate-report.py --platform hackerone --title "XSS in Profile Page" --severity medium
python3 {baseDir}/scripts/generate-report.py --platform bugcrowd --type idor --target example.com

Options

  • --platform PLATFORM — Target platform: hackerone, bugcrowd, generic (default: generic)
  • --type TYPE — Vulnerability type: xss, idor, sqli, ssrf, rce, auth-bypass, info-disclosure, csrf, redirect, custom
  • --title TITLE — Report title
  • --severity LEVEL — Severity level: critical, high, medium, low, info
  • --target DOMAIN — Target domain/application
  • --output FILE — Output file path (default: stdout)
  • --template TEMPLATE — Custom template file

Features

  • Automatic CWE mapping for common vulnerability types
  • CVSS score calculation helper
  • Pre-formatted reproduction steps sections
  • Impact assessment templates
  • Mitigation suggestions
  • Scope validation reminders

Example Output Structure

# [Title]

## Summary
[Brief description]

## Steps to Reproduce
1. Navigate to...
2. Intercept request...
3. Modify parameter...

## Impact
[Business impact description]

## Remediation
[Suggested fix]

## References
- CWE-XXX: [Description]
- CVSS: [Score]
Usage Guidance
This skill appears safe and does what it says: generate report text locally. Before using, run the script locally and inspect the output. Avoid pasting real API keys or live tokens into the generated Proof-of-Concept sections, and do not use the template to perform or describe destructive testing on live targets. If you want added safety, open the included scripts/generate-report.py in a text editor to review, then run the script in an isolated environment. (No network calls or credential usage were found in the code.)
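A pre-submission check for the guidance above on keeping live API keys and tokens out of generated reports, as an added example that is not part of the skill or its scripts/generate-report.py. The function name `redact_report`, the pattern set and the sample report are assumptions constructed for illustration.

```python
import re

# Assumed pattern set: well-known public credential formats, checked in order.
# Each pattern names the secret part "s" so surrounding context is preserved.
SECRET_PATTERNS = {
    "aws-access-key-id": re.compile(r"(?P<s>\b(?:AKIA|ASIA)[0-9A-Z]{16}\b)"),
    "github-token": re.compile(r"(?P<s>\bgh[pousr]_[A-Za-z0-9]{36,}\b)"),
    "jwt": re.compile(r"(?P<s>\beyJ[\w-]{8,}\.[\w-]{8,}\.[\w-]{8,})"),
    "bearer-token": re.compile(
        r"(?i)authorization:\s*bearer\s+(?P<s>[\w.~+/=-]{16,})"),
}

def redact_report(text):
    """Return (redacted_text, findings); findings are (line_number, kind)."""
    findings, out = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, pattern in SECRET_PATTERNS.items():
            def repl(m, kind=kind, lineno=lineno):
                findings.append((lineno, kind))
                return m.group(0).replace(m.group("s"), f"[REDACTED:{kind}]")
            # Redact in place so a later, broader pattern cannot re-report
            # a value that a more specific pattern already handled.
            line = pattern.sub(repl, line)
        out.append(line)
    return "\n".join(out), findings

# Constructed sample in the template's section layout. The JWT is a dummy
# value and the AWS key is the placeholder used in AWS documentation.
SAMPLE = """\
# IDOR in invoice API

## Steps to Reproduce
1. Navigate to /invoices/1001
2. Intercept request: Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJlLWRlbW8
3. Modify parameter id=1002

## Impact
Response body exposes AKIAIOSFODNN7EXAMPLE
"""

if __name__ == "__main__":
    clean, found = redact_report(SAMPLE)
    for lineno, kind in found:
        print(f"line {lineno}: {kind}")
    print(clean)
```

Run it over the file written by --output before pasting the report into a platform form; a non-empty findings list means the draft still contained credential-shaped strings.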
Capability Analysis
Type: OpenClaw Skill
Name: bb-report-template
Version: 1.0.0
The skill bundle is a straightforward template generator for bug bounty reports. The Python script (scripts/generate-report.py) uses standard libraries to format user-provided input into markdown reports with CWE mappings, and it contains no network activity, file system access (beyond writing the report), or suspicious instructions.
Capability Assessment
Purpose & Capability
Name/description match the provided artifacts. The SKILL.md asks for python3 and the repository contains a Python script that generates report text with CWE/CVSS mappings and platform-specific checklists — all expected for a report template.
Instruction Scope
Runtime instructions only run the included Python script with command-line options; the script builds text and prints or writes it to a file. The instructions do not request reading unrelated system files, environment secrets, or contacting external endpoints.
Install Mechanism
No install spec is provided (instruction-only). The only required binary is python3, which is reasonable and proportional for running the included script.
Credentials
No environment variables, credentials, or config paths are requested. The script does not access environment secrets or external services; this is appropriate for the stated functionality.
Persistence & Privilege
The skill is not marked always:true and does not attempt to persist, modify other skills, or change system-wide settings. It only runs a one-off script when invoked.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install bb-report-template
  3. After installation, invoke the skill by name or use /bb-report-template
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release — HackerOne/Bugcrowd report generator with CWE mapping
Metadata
Slug bb-report-template
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Bug Bounty Report Template?

Generate professional bug bounty reports for HackerOne, Bugcrowd, and other platforms. Pre-filled templates with CWE mapping, reproduction steps, and severit... It is an AI Agent Skill for Claude Code / OpenClaw, with 134 downloads so far.

How do I install Bug Bounty Report Template?

Run "/install bb-report-template" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Bug Bounty Report Template free?

Yes, Bug Bounty Report Template is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Bug Bounty Report Template support?

Bug Bounty Report Template is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Bug Bounty Report Template?

It is built and maintained by HostileSpider (@hostilespider); the current version is v1.0.0.
