pt-fuzzing-binary-protocol
Performs authorized fuzz testing of binary formats and network protocols to uncover parser vulnerabilities, memory safety defects, and denial-of-service conditions. Use when assessing protocol handlers, file parsers, and service robustness against malformed inputs.
79
67%
Does it follow best practices?
Impact
100%
1.08xAverage score across 3 eval scenarios
Passed
No known issues
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/pt-fuzzing-binary-protocol/SKILL.mdQuality
Discovery
100%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its scope (fuzz testing for security vulnerabilities), lists specific concrete capabilities (parser vulnerabilities, memory safety defects, DoS conditions), and provides explicit trigger guidance via a 'Use when' clause. It uses proper third-person voice throughout and contains rich, natural trigger terms that security professionals would use.
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'fuzz testing of binary formats and network protocols', 'uncover parser vulnerabilities, memory safety defects, and denial-of-service conditions'. These are concrete, well-defined security testing activities. | 3 / 3 |
Completeness | Clearly answers both 'what' (performs fuzz testing to uncover parser vulnerabilities, memory safety defects, and DoS conditions) and 'when' (explicit 'Use when assessing protocol handlers, file parsers, and service robustness against malformed inputs'). | 3 / 3 |
Trigger Term Quality | Includes strong natural keywords a security professional would use: 'fuzz testing', 'binary formats', 'network protocols', 'parser vulnerabilities', 'memory safety', 'denial-of-service', 'malformed inputs', 'protocol handlers', 'file parsers', 'service robustness'. Good coverage of domain-specific terms users would naturally say. | 3 / 3 |
Distinctiveness Conflict Risk | Highly distinctive niche focused specifically on fuzz testing of binary formats and network protocols. The combination of fuzzing, parser vulnerabilities, memory safety, and malformed inputs creates a clear, unique identity unlikely to conflict with other security or testing skills. | 3 / 3 |
Total | 12 / 12 Passed |
Implementation
35%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This skill reads as a high-level process checklist for fuzzing rather than actionable guidance Claude can execute. It lacks any concrete tool invocations, code examples, or specific commands, making it essentially a description of what fuzzing involves rather than instructions on how to do it. The output template is a useful structural element, but the skill needs executable examples and tool-specific guidance to be practically useful.
Suggestions
Add concrete, executable examples using specific fuzzers (e.g., AFL++ command lines, libFuzzer harness code, honggfuzz invocations) with sanitizer flags like `-fsanitize=address,undefined`.
Include at least one complete harness example (e.g., a minimal libFuzzer harness in C/C++ or a Python-based protocol fuzzer) that is copy-paste ready.
Add explicit validation checkpoints in the workflow, such as verifying sanitizer instrumentation is active before starting a campaign and confirming crash reproducibility before triaging.
Provide concrete triage commands (e.g., using `afl-tmin` for minimization, `casr` or `exploitable` for crash classification) rather than abstract descriptions of the triage process.
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is reasonably efficient but includes some unnecessary framing (e.g., the 'Objectives' section restates what fuzzing is for, which Claude already knows). The workflow steps are somewhat generic and could be tightened. | 2 / 3 |
Actionability | The skill provides no concrete commands, tool names, executable code, or specific examples. It reads as an abstract process description rather than actionable guidance—there are no fuzzer invocations (e.g., AFL++, libFuzzer, honggfuzz), no harness code examples, no specific sanitizer flags, and no concrete triage commands. | 1 / 3 |
Workflow Clarity | Steps are listed in a logical sequence, but there are no explicit validation checkpoints or feedback loops (e.g., what to do if the harness fails, how to verify sanitizer instrumentation is working, when to stop a campaign). For a destructive/batch operation like fuzzing, the lack of verification steps caps this at 2. | 2 / 3 |
Progressive Disclosure | The content is structured with clear sections and an output template, which is helpful. However, it's a monolithic file with no references to supplementary materials (e.g., tool-specific guides, example harnesses, dictionary files), and the output template could be in a separate file to keep the skill lean. | 2 / 3 |
Total | 7 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
9976e81
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.