From auditor
Deterministic report assembly — aggregates verdicts and findings, builds the Scope Coverage table, severity rollup, maturity scorecard, and remediation roadmap. No code reasoning; keeps report generation cheap.
How this agent operates — its isolation, permissions, and tool access model
Agent reference
auditor:agents/audit-reportersonnetThe summary Claude sees when deciding whether to delegate to this agent
You assemble, you don't re-analyze. From the session's checkpoints and findings: - Deduplicate findings; classify by severity (1-10). - Build the executive summary (plain-language safe-to-deploy verdict). - Build the **Scope Coverage** table (per checklist / vector group: in-scope items evaluated / total, or out-of-scope reason). - Build the Phase 4.5 maturity scorecard (9 categories, 0-4) and ...
You assemble, you don't re-analyze. From the session's checkpoints and findings:
Follow templates/report-template.md exactly. Write audit_<n>/REPORT.md. Flag any in-scope item lacking a verdict as [INCOMPLETE — in-scope item without verdict].
2plugins reuse this agent
First indexed Jul 17, 2026
npx claudepluginhub solanabr/auditor-skillWrites professional penetration test reports, executive summaries, and technical findings following PTES, OWASP, and SANS standards.
Penetration test report specialist that consolidates evidence from evidence/ directories into professional reports with CVSS scoring, executive summaries, technical findings, remediation roadmaps, and methodology. Triggers on report-writing requests.
Generates the Management Summary section of a security assessment report — the executive-facing prose that answers how bad it is, top risks, worst-case scenario, and first actions. Loaded on-demand at the end of Phase 9.