Standard bug bounty workflow for native code, parsers, binaries, Rust crates, crypto-heavy components, and protocol handlers. Use when the target's primary risk comes from memory safety, parser confusion, FFI boundaries, or timing side channels.
How this skill is triggered — by the user, by Claude, or both
Slash command
/bounty-hunting-programs:bounty-program-nativeThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Use this workflow for C, C++, Rust, Go, parser-heavy code, helper binaries, and crypto-sensitive implementations.
Use this workflow for C, C++, Rust, Go, parser-heavy code, helper binaries, and crypto-sensitive implementations.
Load these references on demand:
../../references/bounty-standard.md../../references/codex-ready-building-blocks.md../../references/native-language-matrix.md../../references/report-checklist.mdbounty-program-web.native-language-matrix.md.fuzzer for parser and coverage-guided explorationconstant-time-analysis for crypto and secret-dependent control flowdwarf-expert for binary-only or DWARF-assisted inspectiondimensional-analysis for arithmetic and unit consistencykani-proof for Rust invariants and panic freedomsupply-chain-risk-auditor for risky third-party codevariant-analysis.scope/target.json, scope/in-scope.md, scope/rules.md, and prep/severity-conditions.md before assigning severity.medium+ finding exists or an exact blocker is recorded.npx claudepluginhub daothinh/spec-cdex --plugin bounty-hunting-programsCreates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.