47network/pentest-framework
skills/security/pentest-framework/SKILL.md
Controlled penetration testing framework for Sven's own infrastructure. 6 built-in scenarios covering auth brute force, privilege escalation, SQL injection, header security, rate limiting, and information disclosure. Admin-gated — requires 47 user confirmation.
$ install --global
skillsauthnpx skillsauth add 47network/Sven pentest-frameworkInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 27, 2026, 9:50 PM254.4s1 file scanned
SKILL.md
- name:
- pentest-framework
- description:
- Controlled penetration testing framework for Sven's own infrastructure. 6 built-in scenarios covering auth brute force, privilege escalation, SQL injection, header security, rate limiting, and information disclosure. Admin-gated — requires 47 user confirmation.
- version:
- 2026.4.11
- publisher:
- 47Network
- handler_language:
- typescript
- handler_file:
- handler.ts
- inputs_schema:
- {"type":"object","properties":{"action":{"type":"string","enum":["list_scenarios","get_scenario","generate_report"],"default":"list_scenarios"},"scenario_id":{"type":"string"},"category":{"type":"string"},"results":{"type":"array","items":{"type":"object"},"description":"Pentest results to compile into a report"},"executed_by":{"type":"string","default":"47"}},"required":["action"],"additionalProperties":false}
- outputs_schema:
- {"type":"object","properties":{"action":{"type":"string"},"result":{"type":"object"}},"required":["action","result"]}
Pentest Framework Skill
Controlled penetration testing for Sven's own infrastructure. 6 built-in attack scenarios mapped to OWASP. Admin (47 user) activation required. Never targets external systems.
Actions
list_scenarios— List all available pentest scenariosget_scenario— Get detailed steps for a specific scenariogenerate_report— Compile pentest results into a scored report
Security Constraints
- Requires admin (47 user) activation
- Targets Sven's own infrastructure only
- No exploit code stored — only detection patterns
- All results encrypted in audit trail
Scope Mapping
security.pentest: admin (requires explicit confirmation)
Related Skills
47network/webapp-tester
development
VerifiedTrustedCommunity
Automated web testing advisor — generate Playwright test scripts, accessibility checks, and performance audits.
3SKILL.mdUpdated Apr 23, 2026
47network/security-posture
testing
VerifiedTrustedCommunity
Unified security posture reporting — combines SAST, dependency audit, secret scan, infrastructure scan, and pentest results into a single scored report with OWASP and SOC 2 compliance mapping, top risks, and remediation recommendations.
3SKILL.mdUpdated Apr 23, 2026
47network/secret-scanner
development
VerifiedTrustedCommunity
Detect hardcoded secrets, API keys, tokens, private keys, and credentials in source code and config files. 20 built-in patterns covering AWS, GitHub, Slack, Stripe, database URLs, JWTs, and more.
3SKILL.mdUpdated Apr 23, 2026
47network/sast-scanner
development
VerifiedTrustedCommunity
Static Application Security Testing — scan TypeScript/JavaScript source code for SQL injection, XSS, SSRF, path traversal, command injection, hardcoded secrets, insecure crypto, auth bypass, prototype pollution, and more. 14 built-in rules mapped to OWASP Top 10 and CWE.
3SKILL.mdUpdated Apr 23, 2026