From kage
Run a local pentest sandbox in Docker for black-box, greybox, or white-box security audits. Triggers on "kage", "pentest", "security audit on", and "audit the security of". Uses the bundled Kali sidecar and writes artifacts under `./results/<target>/`.
How this skill is triggered — by the user, by Claude, or both
Slash command
/kage:kageThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Use Kage when active testing should happen inside the bundled Kali
README.mdagents/access-control-tester.mdagents/api-tester.mdagents/auth-tester.mdagents/chain-builder.mdagents/client-side-tester.mdagents/content-discovery.mdagents/headers-tester.mdagents/idor-tester.mdagents/injection-tester.mdagents/js-secret-scanner.mdagents/judge.mdagents/logic-tester.mdagents/port-scanner.mdagents/report-writer.mdagents/ssrf-tester.mdagents/verifier.mdagents/vuln-scanner.mdassets/creds.sample.mdassets/docker/DockerfileUse Kage when active testing should happen inside the bundled Kali
sidecar, not on the host. The Codex port keeps the same container and
probe scripts, but runs as a single-agent workflow by default. The
agents/ docs remain useful as checklists and prompt contracts, but
they are optional references rather than a hard dependency.
kage <target> — black-box engagement against a domain, URL, or wildcardkage recon-only <target> — recon and vuln scan onlykage greybox <target> <source-path> — black-box plus local source contextkage audit <local path> — source-driven review with containerized helpers when usefulresults/<target>/ so the engagement is reproducible.references/judging.md before writing or keeping a PoC.asciinema and keep the .cast with the rest of the evidence.Treat $K below as the shell-appropriate shim command:
"{baseDir}/scripts/k"& (Join-Path "{baseDir}" "scripts/k.ps1")Warm the sandbox first. If Docker is missing or the daemon is down, stop and surface the exact error.
Entry:
Actions:
blackbox, recon-only, greybox, or audit.results/<target>/.whoami to bootstrap the container.results/<target>/reconresults/<target>/vulnsresults/<target>/testingresults/<target>/exploitsresults/<target>/chainsresults/<target>/verificationresults/<target>/judgingresults/<target>/reports./creds.md if present. If authenticated testing is required and
the file is missing, surface the gap and continue only with unauthenticated work.results/<target>/engagement.json with:
targetscope_typestarted_atrules_of_engagementGreybox add-on:
references/audit-context-building/SKILL.md.results/<target>/context.md with trust boundaries, auth flow,
high-value entry points, sensitive parameters, and any data that the client
should never legitimately receive.Exit:
engagement.json existsEntry:
Actions:
recon/subs.txtrecon/live.txtrecon/wayback.txtrecon/crawl.txtrecon/dorks.jsonrecon/ports/ or recon/ports.txt.vulns/nuclei.txt.GITHUB_TOKEN is available and the target looks organization-backed,
run scripts/gitmail.py and save recon/github.json.recon/summary.md covering:
Helpful commands:
"$K" bash -lc 'cd /workspace && R="results/<target>" && \
(subfinder -d "<target>" -silent | tee "$R/recon/subs.txt" | \
httpx -silent -title -tech-detect -status-code | tee "$R/recon/live.txt") & \
(gau --subs "<target>" > "$R/recon/wayback.txt") & \
(until [ -s "$R/recon/live.txt" ]; do sleep 1; done; \
katana -u "$R/recon/live.txt" -d 3 -jc -silent -o "$R/recon/crawl.txt") & \
(python3 /skill/scripts/dorks.py -d "<target>" --output "$R/recon/dorks.json") & \
wait'
"$K" bash -lc 'cd /workspace && LIVE="results/<target>/recon/live.txt" && \
[ -s "$LIVE" ] && cut -d" " -f1 "$LIVE" | sort -u | \
xargs -r -n1 -P4 -I{} nmap -Pn -T4 -p- --min-rate 1000 "{}" -oN "results/<target>/recon/ports-{}.txt"'
"$K" bash -lc 'cd /workspace && nuclei -l results/<target>/recon/live.txt -o results/<target>/vulns/nuclei.txt'
Exit:
recon/summary.md existsrecon-only, stop hereEntry:
Actions:
references/methodology.md.testing/<class>/ instead of delegating by default:
scripts/authbypass.pyscripts/idor.pyscripts/diff.pyscripts/ssrf.pyscripts/cors.py, scripts/headers.pyscripts/race.pyscripts/tls.pyscripts/browser.pyffuf, dirsearch, sqlmap, dalfox, nucleirg for keys,
secrets, internal URLs, GraphQL operations, and auth hints.tried-and-ruled-out list.context.md.Rules:
agents/*.md files only as checklists or prompt contracts if you
explicitly choose to delegate in a different environment.Exit:
Entry:
Actions:
references/judging.md.exploits/.verification/F<NNN>/.verification/verified_findings.json.references/chains.md and look for meaningful finding chains.judging/approved_findings.jsonjudging/judgment.mdjudging/dropped_findings.mdRequirements:
clear, echo " > Proof of Concept", echo " > crafted by dxoth1nh", echo "", sleep 2, and the very next real command after sleep 2 must be the first PoC command.tls.py gets blocked, retry with a rotated impersonation or switch to browser.py.Exit:
Entry:
Actions:
references/audit-report-template.md
as the structure for results/<target>/audit-report.md.Exit:
results/<target>/audit-report.md existsresults/<target>/creds.md when authenticated testing is requiredreferences/methodology.md — trigger matrix and concrete probe commandsreferences/judging.md — filter, severity, and exclusion rulesreferences/chains.md — escalation-chain patternsreferences/report-formatting.md — platform conventionsreferences/audit-report-template.md — final report skeletonreferences/tools.md — sidecar tool inventoryreferences/audit-context-building/SKILL.md — greybox methodologyreferences/agentmail/SKILL.md — disposable inboxes when multi-account signup mattersassets/creds.sample.md — credentials and scope templateassets/wordlist-strategy.md — target-specific wordlist guidancenpx claudepluginhub daothinh/spec-cdex --plugin kageGuides completion of development work by verifying tests, detecting environment, and presenting structured options for merge, PR, or cleanup.
Enforces test-driven development: write failing test first, then minimal code to pass. Use when implementing features or bugfixes.
Guides creation and editing of skills using test-driven development with pressure scenarios and subagents to verify agent compliance.