Vibe Index
🎯

authenticating

🎯Skill

from transilienceai/communitytools

VibeIndex|
What it does

Validates and manages authentication credentials across different security testing scenarios, supporting token-based, OAuth, and multi-factor authentication workflows.

πŸ“¦

Part of

transilienceai/communitytools(6 items)

authenticating

Installation

git cloneClone repository
git clone https://github.com/transilienceai/communitytools.git
πŸ“– Extracted from docs: transilienceai/communitytools
Need more details? View full documentation on GitHub β†’
1Installs
-
AddedFeb 4, 2026
View on GitHubBack to Skills

Skill Details

SKILL.md

Overview

# Transilience AI Community Security Tools

[![MIT License](https://img.shields.io/badge/License-MIT-green.svg)](https://choosealicense.com/licenses/mit/)

[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](CONTRIBUTING.md)

[![GitHub issues](https://img.shields.io/github/issues/transilienceai/communitytools)](https://github.com/transilienceai/communitytools/issues)

[![GitHub stars](https://img.shields.io/github/stars/transilienceai/communitytools)](https://github.com/transilienceai/communitytools/stargazers)

[![Claude AI](https://img.shields.io/badge/Powered%20by-Claude%20AI-blue)](https://claude.ai)

Open-source Claude Code skills, agents, and slash commands for AI-powered penetration testing, bug bounty hunting, and security research

[πŸš€ Quick Start](#-quick-start) β€’ [πŸ“– Documentation](#-documentation) β€’ [🀝 Contributing](CONTRIBUTING.md) β€’ [🌐 Website](https://www.transilience.ai)

---

πŸ“‹ Table of Contents

  • [Overview](#-overview)
  • [Key Features](#-key-features)
  • [Architecture](#-architecture)
  • [Use Cases](#-use-cases)
  • [Available Tools](#-available-tools)
  • [Quick Start](#-quick-start)
  • [How It Works](#-how-it-works)
  • [Contributing](#-contributing)
  • [Security & Legal](#-security--legal)
  • [Community](#-community)
  • [Roadmap](#-roadmap)
  • [License](#-license)

---

🎯 Overview

Transilience AI Community Tools is a comprehensive collection of Claude Code skills, agents, and slash commands for security testing, penetration testing, and bug bounty hunting. This repository provides AI-powered security workflows that run directly in Claude Code, enabling automated vulnerability testing, reconnaissance, and professional security reporting.

What's Inside?

This repository provides a complete Claude Code security testing framework:

  • 🎯 7 Security Testing Skills - Pentest, HackerOne, CVE testing, domain assessment, web app mapping
  • πŸ€– 35+ Specialized Agents - SQL injection, XSS, SSRF, JWT, OAuth, SSTI, XXE, and more
  • πŸ”§ 6 Orchestration Agents - Multi-phase coordinators (Pentester, HackerOne Hunter, Git workflows)
  • πŸ“ 14 Slash Commands - /pentest, /hackerone, /commit, /pr, /issue, /branch, /skiller
  • πŸ“š 264+ Lab Walkthroughs - PortSwigger Academy solutions with step-by-step guides
  • πŸ“Š Standardized Outputs - Professional reports with CVSS scoring and evidence

Why Choose Transilience Community Tools?

  • πŸ€– AI-Powered Automation - Claude AI orchestrates intelligent security testing workflows
  • 🎯 35+ Specialized Agents - Parallel vulnerability testing across all OWASP categories
  • πŸ” Complete OWASP Coverage - 100% OWASP Top 10 + SANS Top 25 CWE testing
  • πŸ“Š Professional Reporting - CVSS 3.1, CWE, MITRE ATT&CK, remediation guidance
  • πŸ”¬ Playwright Integration - Browser automation for client-side vulnerability testing
  • πŸŽ“ Educational Resources - 264+ lab walkthroughs, 46+ attack type documentation
  • πŸ“š Claude Code Native - Works seamlessly in Claude Code IDE with slash commands
  • βš–οΈ Open Source - MIT licensed for commercial and personal use

---

πŸ—οΈ Architecture

Claude Code Skills & Agents Framework

This repository provides Claude Code skills, specialized agents, and slash commands for security testing workflows.

```mermaid

graph TB

subgraph "User Interface"

A[Security Researcher
Penetration Tester
Bug Bounty Hunter]

end

subgraph "Claude Code IDE"

B[Slash Commands
/pentest /hackerone /commit]

end

subgraph "Skills Layer .claude/skills/"

C1[Pentest Skill]

C2[HackerOne Skill]

C3[CVE Testing]

C4[Domain Assessment]

C5[Web App Mapping]

C6[Common AppSec]

C7[Authenticating]

end

subgraph "Orchestration Agents .claude/agents/"

D1[Pentester Agent
Multi-phase coordinator]

D2[HackerOne Hunter
Bug bounty workflow]

D3[Git Workflow Agents
Issue/PR/Branch]

D4[Skiller Agent
Skill creation]

end

subgraph "Specialized Agents .claude/agents/specialized/"

E1[SQL Injection]

E2[XSS Testing]

E3[SSRF Detection]

E4[JWT Attack]

E5[OAuth Testing]

E6[SSTI Detection]

E7[XXE Testing]

E8[35+ More Agents]

end

subgraph "Tools & Automation"

F1[Playwright MCP
Browser automation]

F2[HTTP Testing
curl/httpx/requests]

F3[Evidence Capture
Screenshots/Videos]

end

subgraph "Standardized Outputs .claude/output-standards/"

G1[Reconnaissance
inventory/ + analysis/]

G2[Vulnerability Testing
findings/ + evidence/]

G3[Bug Bounty
Platform submissions]

end

A --> B

B --> C1 & C2 & C3 & C4 & C5 & C6 & C7

C1 --> D1

C2 --> D2

C3 & C4 & C5 & C6 --> D1

D1 & D2 --> E1 & E2 & E3 & E4 & E5 & E6 & E7 & E8

E1 & E2 & E3 & E4 & E5 & E6 & E7 & E8 --> F1 & F2 & F3

F1 & F2 & F3 --> G1 & G2 & G3

style B fill:#4CAF50,color:#fff

style D1 fill:#2196F3,color:#fff

style G2 fill:#9C27B0,color:#fff

```

Repository Structure

```

communitytools/

β”œβ”€β”€ .claude/

β”‚ β”œβ”€β”€ skills/ # Security testing skills

β”‚ β”‚ β”œβ”€β”€ pentest/ # 46+ attack types, 264+ lab walkthroughs

β”‚ β”‚ β”œβ”€β”€ hackerone/ # Bug bounty hunting automation

β”‚ β”‚ β”œβ”€β”€ cve-testing/ # CVE vulnerability testing

β”‚ β”‚ β”œβ”€β”€ domain-assessment/ # Subdomain discovery, port scanning

β”‚ β”‚ β”œβ”€β”€ web-application-mapping/ # Endpoint discovery, tech detection

β”‚ β”‚ β”œβ”€β”€ common-appsec-patterns/ # OWASP Top 10 testing

β”‚ β”‚ └── authenticating/ # Auth testing, 2FA bypass, bot evasion

β”‚ β”‚

β”‚ β”œβ”€β”€ agents/ # Orchestration agents

β”‚ β”‚ β”œβ”€β”€ pentester.md # Multi-phase pentest coordinator

β”‚ β”‚ β”œβ”€β”€ hackerone-hunter.md # Bug bounty workflow orchestrator

β”‚ β”‚ β”œβ”€β”€ skiller.md # Skill creation/management

β”‚ β”‚ β”œβ”€β”€ git-*.md # Git workflow automation

β”‚ β”‚ └── specialized/ # 35+ vulnerability-specific agents

β”‚ β”‚ β”œβ”€β”€ sql-injection-agent.md

β”‚ β”‚ β”œβ”€β”€ xss-agent.md

β”‚ β”‚ β”œβ”€β”€ ssrf-agent.md

β”‚ β”‚ β”œβ”€β”€ jwt-agent.md

β”‚ β”‚ └── ... (31 more)

β”‚ β”‚

β”‚ β”œβ”€β”€ commands/ # Slash commands

β”‚ β”‚ β”œβ”€β”€ pentest.md # /pentest command

β”‚ β”‚ β”œβ”€β”€ hackerone.md # /hackerone command

β”‚ β”‚ β”œβ”€β”€ commit.md # /commit workflow

β”‚ β”‚ └── ... (11 total)

β”‚ β”‚

β”‚ └── output-standards/ # Standardized output formats

β”‚ β”œβ”€β”€ OUTPUT_STANDARDS.md

β”‚ └── reference/

β”‚

β”œβ”€β”€ outputs/ # Generated findings and reports

β”œβ”€β”€ CLAUDE.md # Repository-wide instructions

β”œβ”€β”€ CONTRIBUTING.md # Contribution guidelines

└── README.md # This file

```

Multi-Agent Execution Flow

```mermaid

sequenceDiagram

participant User

participant Skill as Pentest Skill

participant Orch as Pentester Agent

participant Agents as Specialized Agents

participant Tools as Playwright/HTTP

participant Output as Standardized Outputs

User->>Skill: /pentest https://target.com

Skill->>Orch: Initialize 7-phase workflow

Orch->>Agents: Phase 1-2: Deploy recon agents

Agents->>Tools: Domain assessment, port scanning

Tools-->>Output: inventory/.json + analysis/.md

Orch->>Agents: Phase 3-4: Deploy 35+ vuln agents in parallel

Agents->>Tools: SQL/XSS/SSRF/JWT/OAuth testing

Tools-->>Output: findings/.json + evidence/.png

Orch->>Output: Phase 5: Generate reports

Output-->>User: Executive + technical reports

Note over Agents,Tools: Specialized agents:
SQL, NoSQL, XSS, SSRF,
JWT, OAuth, SSTI, XXE,
+ 27 more types

```

---

πŸ’‘ Use Cases

1. Penetration Testing

Execute comprehensive security assessments using the /pentest command:

```bash

# In Claude Code

/pentest

# Deploys 35+ specialized agents to test for:

# - Injection flaw

More from this repository5

🎯
web-application-mapping🎯Skill

Maps web applications by systematically discovering endpoints, technologies, and potential vulnerabilities through coordinated reconnaissance and automated scanning techniques.

🎯
cve-testing🎯Skill

Systematically identifies technology stack vulnerabilities, researches known CVEs, and validates exploitability using public proof-of-concept code.

🎯
ai-threat-testing🎯Skill

Systematically tests LLM applications for OWASP Top 10 AI vulnerabilities through automated penetration testing and exploit discovery.

🎯
common-appsec-patterns🎯Skill

Identifies and analyzes common application security vulnerability patterns across different software architectures and technology stacks.

🎯
domain-assessment🎯Skill

Assesses domain security posture by scanning DNS records, identifying potential vulnerabilities, and generating comprehensive domain risk profiles.