Bootstrap web, whitebox, Android, smart-contract, or native bounty targets from a program URL. Capture scope, stage artifacts, fingerprint lanes, and ready the local toolchain for hunting.
How this skill is triggered — by the user, by Claude, or both
Slash command
/bounty-target-bootstrap:bounty-target-bootstrapThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Bootstrap a target from a program page when intake must finish before deeper auditing.
Bootstrap a target from a program page when intake must finish before deeper auditing.
This is an intake-only phase. The job is to collect and normalize everything the host explicitly exposes for later whitebox or audit work. Do not invent new assets, and do not start exploit work from this skill.
Load these on demand:
plugins/bounty-hunting-programs/skills/bounty-program-triage/SKILL.md after whitebox source lands locallyplugins/bounty-hunting-programs/skills/bounty-program-mobile-android/SKILL.md for Android follow-on workplugins/bounty-hunting-programs/skills/bounty-program-smart-contracts/SKILL.md when the host provides deployed contracts or on-chain source referencesweb, whitebox, android, smart-contract, or nativeWallet, Smart Contract, Blockchain, and Exchangeweb, whitebox, android, smart-contract, or native.references/workspace-contract.md.python plugins/bounty-target-bootstrap/skills/bounty-target-bootstrap/scripts/bootstrap_target.py --input <json> --repo-root . --readiness-mode ensureaudit-targets/<slug>/scope/target.json, scope/target-surface.md, scope/smart-contracts.md, prep/bootstrap-summary.md, prep/environment-readiness.md, prep/severity-conditions.md, prep/context-pack/, and prep/ready-for-bounty.md.scope/chain-inventory.json, scope/protocol-archetype.md, scope/proxy-topology.md, scope/dependency-boundaries.md, prep/attack-surface-map.md, prep/protocol-invariants.md, and prep/web3-readiness.md.prep/kage-plan.md, prep/caido-plan.md, and prep/context-pack/web-handoff.md.prep/asset-inventory.mdprep/tried-and-ruled-out.mdprep/finding-pipeline.mdprep/bootstrap-summary.mdprep/environment-readiness.mdprep/environment-readiness.jsonprep/severity-conditions.mdprep/kage-plan.md when web/API breadth testing stays in scopeprep/caido-plan.md when authenticated replay is likely usefulprep/attack-surface-map.mdprep/protocol-invariants.mdprep/web3-readiness.mdprep/context-pack/findings/README.mdbrowser_snapshot after each expand or click cycle.raw_scope_notes; do not rely on memory.in_scope, out_of_scope, and rules as separate lists, not one merged blob.whitebox or android.audit-targets/<slug>/.in-scope, out-of-scope, rules, and program notes.prep/kage-plan.md for breadth-first web/API follow-up when a web lane exists.prep/caido-plan.md for authenticated replay-heavy web/API follow-up when a web lane exists.prep/bootstrap-summary.md so the hunting pipeline can resume without reconstructing scope, trust boundaries, lane choice, or severity expectations.prep/severity-conditions.md so hunting can compare each candidate against the program's medium, high, and critical bars before stopping.prep/context-pack/ with bootstrap-friendly summaries or pointers for the baseline context.ready-for-bounty.md before starting deeper review.raw_scope_notes.Guides collaborative design exploration before implementation: explores context, asks clarifying questions, proposes approaches, and writes a design doc for user approval.
Creates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.
Synthesizes the current conversation into a structured spec (PRD) and publishes it to the project issue tracker with a ready-for-agent label, without interviewing the user.
npx claudepluginhub daothinh/spec-cdex --plugin bounty-target-bootstrap