← 返回 Skills 市场
solomonneas

S³ Pentest Commands

作者 Solomon Neas · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
317
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install s3-pentest-commands
功能描述
This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "s...
安全使用建议
This skill is a coherent and complete command reference for penetration testing tools, but it contains ready-to-run exploit and password-cracking commands. Only install or use it if you: (1) have explicit authorization to test the target systems, (2) understand legal/ethical implications, and (3) run the agent in an isolated/test environment. Consider disabling autonomous invocation or requiring explicit user confirmation before running any commands, and ensure audit/logging and network isolation are in place so the agent cannot accidentally execute these commands against production or unauthorized targets.
功能分析
Type: OpenClaw Skill Name: s3-pentest-commands Version: 1.0.0 The skill bundle 's3-pentest-commands' (SKILL.md) serves as a comprehensive reference guide for common penetration testing tools, including Nmap, Metasploit, Nikto, SQLMap, and Hydra. It provides well-documented command-line examples for network enumeration, vulnerability scanning, and exploitation, all of which are strictly aligned with the stated purpose of providing a pentest command reference. There is no evidence of malicious intent, data exfiltration, obfuscation, or prompt injection designed to subvert the agent's behavior.
能力评估
Purpose & Capability
Name and description match the SKILL.md: it's a command reference for penetration testing tools (nmap, metasploit, nikto, sqlmap, etc.). No unrelated binaries, env vars, or installs are requested, so required/declared resources are proportionate to a documentation/reference skill.
Instruction Scope
The instructions include explicit, ready-to-run commands for scanning, exploitation, payload generation, brute forcing, and privilege escalation (e.g., msfconsole exploit sequences, msfvenom payloads, brute-force examples). While these are consistent with the stated purpose, they are highly actionable and dangerous if run against unauthorized targets. The SKILL.md does not instruct the agent to read unrelated files or env vars, but it does assume use of local wordlists and network access.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. Nothing is downloaded or written to disk by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a reference document; it does reference expected prerequisites (Kali, wordlists, network access), which are reasonable for pentesting guidance.
Persistence & Privilege
always:false (normal) and model invocation is enabled (default). Because the skill contains explicit exploit commands, autonomous invocation combined with an agent that has network access and pentesting tools installed increases risk—this is not a flaw in the skill itself but an operational risk to consider.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install s3-pentest-commands
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /s3-pentest-commands 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of Pentest Commands skill, providing essential penetration testing command references. - Includes command examples for Nmap, Metasploit, Nikto, SQLMap, Hydra, John the Ripper, and Aircrack-ng. - Covers host discovery, port and vulnerability scanning, exploitation, brute force, password cracking, and web application testing. - Designed for security assessments with clear prerequisites and expected outputs. - Organized workflow for quick command lookup during pentesting activities.
元数据
Slug s3-pentest-commands
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

S³ Pentest Commands 是什么?

This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "s... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 317 次。

如何安装 S³ Pentest Commands?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install s3-pentest-commands」即可一键安装,无需额外配置。

S³ Pentest Commands 是免费的吗?

是的,S³ Pentest Commands 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

S³ Pentest Commands 支持哪些平台?

S³ Pentest Commands 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 S³ Pentest Commands?

由 Solomon Neas(@solomonneas)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论