pt-gaining-access
Guides controlled exploitation of validated vulnerabilities to measure real-world impact. Use when the user requests proof-of-concept validation, privilege escalation testing, or attack path confirmation in an authorized environment.
94
92%
Does it follow best practices?
Impact
96%
1.50xAverage score across 3 eval scenarios
Passed
No known issues
Evaluation results
100%
36%Customer Portal Security Assessment — Gaining Access Report
Exploitation workflow and structured reporting
In-scope candidate selection
100%
100%
Preconditions documented
100%
100%
Rollback or safety plan
100%
100%
Step-by-step commands recorded
100%
100%
Exploit chain and access level
100%
100%
Output template structure
16%
100%
Tested Vulnerability fields
25%
100%
Business impact in Risk Statement
20%
100%
Handoff completeness
0%
100%
Reproducible evidence
90%
100%
Containment recommendations
70%
100%
97%
34%Internal Web Server Compromise — Impact Analysis Report
Blast radius assessment and privilege boundary documentation
Reachable systems documented
100%
100%
Reachable data documented
100%
100%
Privilege boundary assessment
80%
70%
Segmentation control evaluation
100%
100%
Exploit chain and access level
62%
100%
Business impact statement
70%
100%
Remediation owners named
12%
100%
Retest criteria specified
0%
100%
Business risk linkage
90%
100%
Output template structure
37%
100%
Impact observed field
0%
100%
91%
26%Healthcare Portal SQL Injection — Proof of Concept Report
PoC scope boundaries and non-destructive evidence
Non-destructive PoC
100%
100%
Persistence excluded
20%
70%
Minimal payload approach
100%
100%
Exploitable field present
25%
100%
Tested Vulnerability section
37%
100%
Reproducible reproduction steps
100%
100%
Immediate containment recommendations
40%
40%
Output template structure
0%
100%
Authorized scope stated
100%
100%
Business risk linkage
100%
100%
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
a8ff73a
- Evaluated
- Agent
- Claude Code
- Model
- Claude Sonnet 4.6
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.