pentest-evidence-structuring-report-synthesis

Security assessment skill for structuring evidence, deduplicating findings, and producing decision-ready security reports. Use when prompts include write report, consolidate findings, severity ranking, remediation guidance, executive summary, or technical appendix generation. Do not use for live exploit execution, reconnaissance, or payload experimentation tasks.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "pentest-evidence-structuring-report-synthesis" with this command: npx skills add crtvrffnrt/skills/crtvrffnrt-skills-pentest-evidence-structuring-report-synthesis

Evidence Structuring & Report Synthesis

Activation Triggers (Positive)

  • write report
  • consolidate findings
  • severity
  • remediation
  • executive summary
  • evidence table
  • final deliverable

Exclusion Triggers (Negative)

  • run exploit
  • perform recon
  • fuzz inputs
  • live validation

Output Schema

  • Confirmed findings table: id, title, severity, confidence, impact
  • Evidence map: finding id to reproducible proof artifacts
  • Remediation plan: prioritized fixes with verification guidance

Instructions

  1. Separate confirmed findings from hypotheses and informational observations.
  2. Deduplicate by root cause and attacker capability, not by endpoint count alone.
  3. Assign severity from demonstrated impact and exploitability evidence.
  4. Keep technical evidence concise, reproducible, and traceable.
  5. Produce both technical and executive views from the same canonical evidence.
  6. Mark open questions and explicitly state what remains unverified.

Should Do

  • Preserve factual precision and reproducibility in every finding.
  • Keep structure stable for machine parsing and downstream tracking.
  • Tie remediation to the broken control and observed exploit path.

Should Not Do

  • Do not inflate severity without demonstrated impact.
  • Do not merge unrelated root causes into a single finding.
  • Do not hide uncertainty; mark assumptions explicitly.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

pentest-exploit-execution-payload-control

No summary provided by upstream source.

Repository SourceNeeds Review
15-crtvrffnrt
General

pentest-business-logic-abuse

No summary provided by upstream source.

Repository SourceNeeds Review
13-crtvrffnrt
Research

pentest-recon-surface-analysis

No summary provided by upstream source.

Repository SourceNeeds Review
12-crtvrffnrt
General

pentest-authentication-authorization-review

No summary provided by upstream source.

Repository SourceNeeds Review
12-crtvrffnrt