Skill of Skills
📄 skillActivePromisinghigh

claude-bug-bounty

by shuvonsec

AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.

Supported Platforms

🤖 Claude Code

Stars

2.5k

Skill Type

📋 Runbooks

Quality Score

115/200

License

MIT

Forks

431

Last Updated

Jun 11, 2026

Discovered

Apr 21, 2026

Validation

Passed

github.com/shuvonsec/claude-bug-bounty

Quality Breakdown

115/ 200

Content Signals

â—‹Gotchas/Edge Cases+40
✓Progressive Disclosure+30
â—‹Trigger Description+20
✓Verification/Safety+20
✓Code Examples+15
✓Composability+15

Repo Health

✓Recent Activity+15
✓Scripts/Automation+10
✓Real Usage (Issues)+10
â—‹Single Responsibility+10
✓Config/Persistence+10
✓Install Instructions+5

Multi-platform bonus: +5 pts if tool supports 2+ platforms. Score derived from 12 structural signals — not stars or popularity.

Trust & Verification

high

Broad system access required. Carefully review permissions before installing.

Active

Updated within the last 90 days. Actively maintained.

Unverified skill. Always review source code before installing any skill from an unknown author.

Risk Assessment

  • Contains install.sh and install_tools.sh scripts that execute arbitrary system commands during setup
  • Includes autonomous multi-agent system (8 AI agents: autopilot, chain-builder, recon-agent, etc.) that spawn and orchestrate without explicit human approval gates
  • agent.py and brain.py implement autonomous decision-making and action execution logic
  • Tool definitions include offensive security capabilities (h1_idor_scanner.py, h1_mutation_idor.py, h1_race.py, cicd_scanner.sh) designed for automated vulnerability exploitation
  • Persistent memory system (memory/ with audit_log.py, pattern_db.py, rotation.py) maintains state across sessions for autonomous operation
  • .claude/settings.json indicates persistent Claude configuration modification