pt-maintaining-access

Evaluates whether an attacker could retain foothold and move laterally after initial compromise, within strict authorization limits. Use when testing persistence, session resilience, and detection/response effectiveness during a pen test.

1.04x

Quality

76%

Does it follow best practices?

Impact

98%

1.04x

Average score across 3 eval scenarios

Securityby

Advisory

Suggest reviewing before use

Fix and improve this skill with Tessl

tessl review fix ./skills/pt-maintaining-access/SKILL.md

Quality

Content

85%

Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.

This is a well-structured, concise pen testing skill that clearly sequences the workflow with appropriate safety guardrails and cleanup verification. Its main weakness is the lack of concrete, actionable examples—specific tools, commands, or technique implementations that would make the guidance immediately executable rather than directional. The output template and quality checks are strong additions.

Suggestions

Add concrete examples of reversible persistence techniques per target class (e.g., specific registry keys for Windows, cron entries for Linux, with exact commands to set and remove them).

Include at least one worked example showing a specific lateral movement test scenario with the tools/commands used and expected output.

Dimension	Reasoning	Score
Conciseness	The content is lean and efficient. It avoids explaining what persistence or lateral movement are, assumes Claude understands pen testing concepts, and every section serves a clear purpose without padding.	3 / 3
Actionability	The guidance is structured and directional but remains somewhat abstract—it describes categories of actions (e.g., 'low-risk, reversible methods appropriate to target class') rather than providing specific commands, tool invocations, or concrete technique examples. No executable code or specific tool usage is shown.	2 / 3
Workflow Clarity	The workflow is clearly sequenced from permission confirmation through persistence simulation, lateral movement, detection testing, and cleanup with explicit verification. The cleanup-and-verify step with 'recheck system state to confirm rollback' provides a proper feedback loop for this destructive/risky operation domain.	3 / 3
Progressive Disclosure	For a skill of this size (~60 lines) covering a focused topic, the content is well-organized into logical sections (objectives, workflow, output template, quality checks) without needing external file references. Navigation is straightforward and nothing is buried or nested.	3 / 3
	Total	11 / 12 Passed

Description

67%

Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.

The description is reasonably well-structured with both 'what' and 'when' clauses clearly present, which is its strongest aspect. However, it could benefit from more concrete action verbs and specific techniques rather than category-level descriptions, and could include more natural trigger term variations that users might employ when requesting post-exploitation testing assistance.

Suggestions

Add more concrete actions such as 'deploy persistence mechanisms, test lateral movement techniques, evaluate privilege escalation paths, assess detection evasion'.

Expand trigger terms to include common variations like 'post-exploitation', 'pivoting', 'red team', 'backdoor', 'C2', 'command and control', 'privilege escalation'.

Dimension	Reasoning	Score
Specificity	The description names the domain (post-exploitation pen testing) and mentions some actions like evaluating persistence, lateral movement, session resilience, and detection/response effectiveness, but these are more like categories than concrete specific actions (e.g., it doesn't list specific techniques like 'deploy backdoors, escalate privileges, pivot through network segments').	2 / 3
Completeness	Clearly answers both 'what' (evaluates attacker foothold retention and lateral movement after initial compromise) and 'when' (explicit 'Use when testing persistence, session resilience, and detection/response effectiveness during a pen test').	3 / 3
Trigger Term Quality	Includes relevant terms like 'persistence', 'lateral movement', 'pen test', 'session resilience', and 'detection/response', but misses common variations users might say such as 'post-exploitation', 'pivoting', 'backdoor', 'privilege escalation', 'red team', or 'foothold maintenance'.	2 / 3
Distinctiveness Conflict Risk	The description is fairly specific to post-exploitation testing, but could overlap with other pen testing skills covering initial exploitation, privilege escalation, or general security assessment. The phrase 'after initial compromise' helps distinguish it, but the boundaries with adjacent pen testing phases aren't sharply drawn.	2 / 3
	Total	9 / 12 Passed

Validation

100%

Warnings & errors only

Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.

Validation — 11 / 11 Passed

Validation for skill structure

No warnings or errors.

Repository: santosomar/ethical-hacking-agent-skills
Commit: 9976e81

Reviewed: 2 months ago

Table of Contents

Discovery Implementation Validation

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.