From ultraship
Runs penetration tests on web, API, browser, GitHub, and local code for vulnerabilities like XSS, SQLi, auth flaws, CORS, secrets, with proof-of-concepts using Playwright.
npx claudepluginhub houseofmvps/ultraship --plugin ultraship
Invoke the ultraship:pentest skill to run a full penetration test on this project. Probe for injection vulnerabilities (XSS, SQLi, SSTI, command injection), authentication flaws, CORS misconfigurations, exposed secrets, prototype pollution, race conditions, and more. Every finding includes a proof of concept. Uses Playwright for browser-side testing.
/pentest: Performs authorized penetration testing with recon, OWASP vuln assessment, PoC exploits, API/web checks, and generates formal MD report with risk ratings in docs/security/. Supports focused modes via flags.
/fire-vuln-scan: Scans application codebase for OWASP Top 10 vulnerabilities using AI reasoning. Reports findings with optional deep analysis, category filters, fix previews, client/server focus, and critical-only mode.
/pentest: Runs interactive security assessment on URL or codebase: confirms auth, scans web/dependencies/code, summarizes findings by severity, suggests prioritized fixes, generates JSON report.
/kasi-security: Runs security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.
/security-scan: Scans codebase for vulnerabilities, hardcoded secrets, OWASP Top 10 compliance, and security best practices violations. Produces report with issues and fix recommendations.
/security: Conducts security reviews of apps, APIs, scripts, and configs using OWASP Top 10 best practices and threat modeling; detects vulnerabilities and suggests fixes.