pt-maintaining-access
Evaluates whether an attacker could retain foothold and move laterally after initial compromise, within strict authorization limits. Use when testing persistence, session resilience, and detection/response effectiveness during a pen test.
86
80%
Does it follow best practices?
Impact
98%
1.04xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Optimize this skill with Tessl
npx tessl skill review --optimize ./skills/pt-maintaining-access/SKILL.mdQuality
Discovery
75%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This description effectively communicates when to use the skill with explicit trigger guidance and carves out a distinct niche in post-exploitation testing. However, it could benefit from more specific concrete actions (e.g., specific persistence techniques or lateral movement methods) and additional natural trigger terms that security professionals commonly use.
Suggestions
Add more specific concrete actions such as 'test registry persistence, scheduled tasks, credential harvesting, and network pivoting techniques'
Include additional trigger terms users might naturally say: 'privilege escalation', 'pivoting', 'red team', 'post-compromise', 'backdoor testing'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Names the domain (post-exploitation security testing) and some actions ('retain foothold', 'move laterally'), but lacks comprehensive concrete actions like specific techniques, tools, or outputs. | 2 / 3 |
Completeness | Clearly answers both what ('evaluates foothold retention and lateral movement') and when ('Use when testing persistence, session resilience, and detection/response effectiveness during a pen test') with explicit trigger guidance. | 3 / 3 |
Trigger Term Quality | Includes relevant terms like 'persistence', 'pen test', 'lateral' movement, but missing common variations users might say such as 'privilege escalation', 'backdoor', 'pivoting', 'red team', or 'post-compromise'. | 2 / 3 |
Distinctiveness Conflict Risk | Clear niche focused on post-exploitation phase of penetration testing with distinct triggers like 'persistence', 'lateral movement', and 'session resilience' that distinguish it from initial access or vulnerability scanning skills. | 3 / 3 |
Total | 10 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured skill with excellent workflow clarity and appropriate conciseness for a security-focused task. The main weakness is the lack of concrete, executable examples - the guidance describes what to do conceptually but doesn't provide specific commands, tool usage, or technique examples that would make it immediately actionable.
Suggestions
Add 1-2 concrete examples of reversible persistence techniques with specific commands (e.g., scheduled task creation/removal syntax, registry key examples)
Include example lateral movement assessment scenarios showing specific trust relationship checks or credential reuse patterns to test
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The skill is lean and efficient, avoiding unnecessary explanations of penetration testing concepts Claude already knows. Every section serves a clear purpose with no padding or verbose descriptions. | 3 / 3 |
Actionability | Provides clear workflow steps and output template, but lacks concrete examples of specific persistence techniques, commands, or tools. The guidance is structured but remains somewhat abstract (e.g., 'low-risk, reversible methods' without examples). | 2 / 3 |
Workflow Clarity | Clear 5-step sequence with explicit validation checkpoints including cleanup verification. The workflow includes feedback loops (validate persistence, recheck system state) and mandatory cleanup expectations appropriate for risky operations. | 3 / 3 |
Progressive Disclosure | For a skill under 50 lines with no need for external references, the content is well-organized with clear sections (Objectives, Workflow, Output Template, Quality Checks). Structure is appropriate for the scope. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
a8ff73a
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.