pt-fuzzing-binary-protocol

Performs authorized fuzz testing of binary formats and network protocols to uncover parser vulnerabilities, memory safety defects, and denial-of-service conditions. Use when assessing protocol handlers, file parsers, and service robustness against malformed inputs.

1.08x

Quality

67%

Does it follow best practices?

Impact

100%

1.08x

Average score across 3 eval scenarios

Securityby

Passed

No known issues

Fix and improve this skill with Tessl

tessl review fix ./skills/pt-fuzzing-binary-protocol/SKILL.md

Quality

Content

35%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This skill reads as a high-level process checklist for fuzzing rather than actionable guidance Claude can execute. It lacks any concrete tool invocations, code examples, or specific commands, making it essentially a description of what fuzzing involves rather than instructions on how to do it. The output template is a useful structural element, but the skill needs executable examples and tool-specific guidance to be practically useful.

Suggestions

Add concrete, executable examples using specific fuzzers (e.g., AFL++ command lines, libFuzzer harness code, honggfuzz invocations) with sanitizer flags like `-fsanitize=address,undefined`.

Include at least one complete harness example (e.g., a minimal libFuzzer harness in C/C++ or a Python-based protocol fuzzer) that is copy-paste ready.

Add explicit validation checkpoints in the workflow, such as verifying sanitizer instrumentation is active before starting a campaign and confirming crash reproducibility before triaging.

Provide concrete triage commands (e.g., using `afl-tmin` for minimization, `casr` or `exploitable` for crash classification) rather than abstract descriptions of the triage process.

Dimension	Reasoning	Score
Conciseness	The content is reasonably efficient but includes some unnecessary framing (e.g., the 'Objectives' section restates what fuzzing is for, which Claude already knows). The workflow steps are somewhat generic and could be tightened.	2 / 3
Actionability	The skill provides no concrete commands, tool names, executable code, or specific examples. It reads as an abstract process description rather than actionable guidance—there are no fuzzer invocations (e.g., AFL++, libFuzzer, honggfuzz), no harness code examples, no specific sanitizer flags, and no concrete triage commands.	1 / 3
Workflow Clarity	Steps are listed in a logical sequence, but there are no explicit validation checkpoints or feedback loops (e.g., what to do if the harness fails, how to verify sanitizer instrumentation is working, when to stop a campaign). For a destructive/batch operation like fuzzing, the lack of verification steps caps this at 2.	2 / 3
Progressive Disclosure	The content is structured with clear sections and an output template, which is helpful. However, it's a monolithic file with no references to supplementary materials (e.g., tool-specific guides, example harnesses, dictionary files), and the output template could be in a separate file to keep the skill lean.	2 / 3
	Total	7 / 12 Passed

Description

100%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

This is a strong skill description that clearly defines its scope (fuzz testing for security vulnerabilities), lists specific concrete capabilities (parser vulnerabilities, memory safety defects, DoS conditions), and provides explicit trigger guidance via a 'Use when' clause. It uses proper third-person voice throughout and contains rich, natural trigger terms that security professionals would use.

Dimension	Reasoning	Score
Specificity	Lists multiple specific concrete actions: 'fuzz testing of binary formats and network protocols', 'uncover parser vulnerabilities, memory safety defects, and denial-of-service conditions'. These are concrete, well-defined security testing activities.	3 / 3
Completeness	Clearly answers both 'what' (performs fuzz testing to uncover parser vulnerabilities, memory safety defects, and DoS conditions) and 'when' (explicit 'Use when assessing protocol handlers, file parsers, and service robustness against malformed inputs').	3 / 3
Trigger Term Quality	Includes strong natural keywords a security professional would use: 'fuzz testing', 'binary formats', 'network protocols', 'parser vulnerabilities', 'memory safety', 'denial-of-service', 'malformed inputs', 'protocol handlers', 'file parsers', 'service robustness'. Good coverage of domain-specific terms users would naturally say.	3 / 3
Distinctiveness Conflict Risk	Highly distinctive niche focused specifically on fuzz testing of binary formats and network protocols. The combination of fuzzing, parser vulnerabilities, memory safety, and malformed inputs creates a clear, unique identity unlikely to conflict with other security or testing skills.	3 / 3
	Total	12 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: santosomar/ethical-hacking-agent-skills
Commit: 9976e81

Reviewed: 2 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.