Engineering

Pentest

engineering/skills/pentest

Authorized offensive-security skill for validating exploitability against approved targets.

Use for authorized hands-on offensive security work against staging, sandbox, or lab targets. Covers pentest planning, finding validation, exploitability proof, raw HTTP replay, browser and API testing, network and cloud assessment, secrets and misconfiguration discovery, bounded post-exploitation, and evidence-driven pentest reporting. Do not use for passive code review or compliance audits.

Install This Skill

This skill now lives in the engineering department plugin, so every command targets the department-scoped path instead of the old flat skills/ layout.

Vercel `npx skills`

npx -y skills add ./engineering/skills/pentest

Portable single-skill install. Use the department root to install the full plugin as skills.

Codex manual install

mkdir -p ~/.codex/skills
cp -R engineering/skills/pentest ~/.codex/skills/

Copies only this skill into Codex from the new department-scoped repo layout.

Codex `$skill-installer`

https://github.com/alvarovillalbaa/plugins/tree/main/engineering/skills/pentest

Direct GitHub path for Codex skill-installer or any runtime that installs from a skill folder URL.

OpenClaw manual install

mkdir -p ~/.openclaw/skills
cp -R engineering/skills/pentest ~/.openclaw/skills/

Useful when OpenClaw should load one skill without importing the whole department.

Repo source

https://github.com/alvarovillalbaa/plugins/tree/main/engineering/skills/pentest

Browse the live source, references, examples, templates, and scripts directly.

Department plugin

engineering

What it does

Authorized offensive-security skill for validating exploitability against approved targets.

How it works

Authorized offensive-security skill for validating exploitability against approved targets.