pt-post-exploitation
Performs authorized post-exploitation activities to assess impact, lateral movement paths, credential exposure, and detection gaps after initial compromise. Use when a foothold has been validated and the test requires controlled impact expansion analysis.
90
85%
Does it follow best practices?
Impact
100%
1.63xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Quality
Discovery
85%Based on the skill's description, can an agent find and select it at the right time? Clear, specific descriptions lead to better discovery.
This is a strong skill description that clearly defines its security testing scope and provides explicit trigger conditions. The description uses appropriate third-person voice and lists concrete capabilities. The main weakness is reliance on technical jargon that may not match how all users naturally phrase requests for this type of work.
Suggestions
Add more natural trigger terms users might say, such as 'pivot', 'move laterally', 'escalate privileges', 'maintain access', or 'post-compromise'
| Dimension | Reasoning | Score |
|---|---|---|
Specificity | Lists multiple specific concrete actions: 'assess impact, lateral movement paths, credential exposure, and detection gaps' - these are distinct, actionable security assessment activities. | 3 / 3 |
Completeness | Clearly answers both what ('assess impact, lateral movement paths, credential exposure, and detection gaps') AND when ('Use when a foothold has been validated and the test requires controlled impact expansion analysis'). | 3 / 3 |
Trigger Term Quality | Includes relevant security terms like 'post-exploitation', 'lateral movement', 'credential exposure', 'foothold', but uses more technical jargon than natural user language. Missing common variations like 'pivot', 'privilege escalation', 'persistence'. | 2 / 3 |
Distinctiveness Conflict Risk | Very specific niche in post-exploitation security testing. The combination of 'foothold validated', 'post-exploitation', and 'impact expansion' creates a distinct trigger profile unlikely to conflict with other security or general skills. | 3 / 3 |
Total | 11 / 12 Passed |
Implementation
85%Reviews the quality of instructions and guidance provided to agents. Good implementation is clear, handles edge cases, and produces reliable results.
This is a well-structured post-exploitation skill that excels in organization, workflow clarity, and token efficiency. The main weakness is the lack of concrete, executable examples - the guidance is procedural and descriptive rather than providing specific commands, tool invocations, or code snippets that would make it immediately actionable.
Suggestions
Add concrete command examples for common post-exploitation checks (e.g., specific privilege escalation enumeration commands, credential harvesting tool syntax)
Include example tool invocations or scripts for artifact cleanup and verification steps
| Dimension | Reasoning | Score |
|---|---|---|
Conciseness | The content is lean and efficient, avoiding unnecessary explanations of what post-exploitation is or how security testing works. Every section serves a purpose and assumes Claude understands the domain. | 3 / 3 |
Actionability | The workflow provides clear steps and the output template is concrete, but lacks executable code examples, specific commands, or tool references. Guidance is procedural rather than copy-paste ready. | 2 / 3 |
Workflow Clarity | Clear 5-step sequence with explicit validation checkpoints including scope confirmation, baseline capture, cleanup verification, and quality checks. The workflow includes feedback loops for detection assessment. | 3 / 3 |
Progressive Disclosure | For a skill of this size (~60 lines), the content is well-organized with clear sections. No external references are needed as the scope is appropriately contained within a single overview document. | 3 / 3 |
Total | 11 / 12 Passed |
Validation
100%Checks the skill against the spec for correct structure and formatting. All validation checks must pass before discovery and implementation can be scored.
Validation — 11 / 11 Passed
Validation for skill structure
No warnings or errors.
- Repository
- santosomar/ethical-hacking-agent-skills
- Commit
a8ff73a
- Reviewed
Table of Contents
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.