aeondave/verification-before-completion
knowledge/verification-before-completion/SKILL.md
Use when about to claim work is done, fixed, passing, validated, merged, report-ready, or safe to proceed. Requires fresh verification evidence before success claims, commits, pull requests, task completion, operator reports, cleanup claims, or moving to the next step.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill verification-before-completionInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 5, 2026, 4:13 AM157.8s2 files scanned
SKILL.md
- name:
- verification-before-completion
- description:
- Use when about to claim work is done, fixed, passing, validated, merged, report-ready, or safe to proceed. Requires fresh verification evidence before success claims, commits, pull requests, task completion, operator reports, cleanup claims, or moving to the next step.
- license:
- MIT
- compatibility:
- AgentSkills-compatible verification workflow for coding, skill curation, research, and authorized security work.
- author:
- AeonDave
- version:
- 1.0
Verification Before Completion
Completion is a claim. Claims need fresh evidence.
Core rule
Do not say work is complete, fixed, passing, clean, validated, or ready unless the verification command or artifact was checked in the current context.
Gate workflow
- Name the claim: what exactly is being asserted?
- Choose proof: command, test, diff, log, replay, artifact, or checklist that would falsify the claim.
- Run or inspect fresh evidence: use the full relevant check, not a partial proxy.
- Read the output: exit code, failures, warnings, skipped checks, and scope limits.
- Report accurately: claim success only when evidence supports it; otherwise state the actual status and next smallest fix.
Common claim gates
| Claim | Requires | Not enough |
|---|---|---|
| Tests pass | fresh focused or suite output with zero relevant failures | previous run or assumed pass |
| Build succeeds | build command exit 0 | lint-only success |
| Bug fixed | original reproducer now passes | code changed near symptom |
| Requirements met | checklist against spec or request | tests pass without coverage of requirements |
| Skill valid | quick_validate.py on changed skill | frontmatter looks right by inspection |
| Delegated work done | inspect diff/artifacts and verify outputs | worker report says done |
Security and offensive focus
- Exploit/tooling claims need reproduced primitive, target/build context, or marked uncertainty.
- Cleanup/remediation claims need post-action target-state evidence.
- Scanner triage needs replay, source/sink confirmation, or explicit downgrade.
- Report-ready findings need evidence, limits, and smallest next verification step.
Resources
Load on demand:
references/completion-evidence.md— detailed claim evidence table and red flags.
Related Skills
aeondave/offensive-linux-role
data-ai
VerifiedTrustedCommunity
Scoped routing: Linux operator; hosts, sessions, users, services, packages, logs, containers, SSH, network paths, privilege evidence.
4SKILL.mdUpdated Jun 5, 2026
aeondave/ics-technique
development
VerifiedTrustedCommunity
Offensive methodology for ICS/OT/SCADA environments in authorized industrial penetration testing and red team operations. Use when assessing PLCs, RTUs, HMIs, engineering workstations, historians, or field devices running Modbus, DNP3, EtherNet/IP, S7comm/S7+, Profinet, IEC 60870-5-104, BACnet, or OPC-UA. Covers passive OT network enumeration, protocol-level device interrogation, PLC coil/register read-write attacks, HMI session exploitation, historian and engineering workstation compromise, and safe escalation rules for critical infrastructure scope. Does not cover: general IT network exploitation (network-technique), physical hardware interfaces UART/JTAG/SPI (hardware-technique), wireless sensor network attacks (wireless-technique), RF/SDR signal analysis (hardware-ctf or wireless-technique), or CTF-framed ICS lab tasks (ics-ctf).
4SKILL.mdUpdated Jun 2, 2026
aeondave/game-technique
tools
VerifiedTrustedCommunity
Offensive methodology for authorized game security assessments, game client security research, and game-adjacent penetration testing in real-world engagements. Use when assessing game clients for cheating vulnerabilities, testing anti-cheat effectiveness, auditing game server protocols for score manipulation or economic fraud, reverse engineering game DRM or license validation, analyzing game save file protection, or assessing game mod/plugin security. Covers: process memory scanning and manipulation (Cheat Engine methodology), game binary reversing for license and DRM bypass, game network protocol analysis and packet replay, anti-cheat mechanism analysis, save file format reversing and tampering, speed hack and value injection techniques. Does NOT cover: CTF game challenges (game-ctf), game engine source code auditing (web-exploit-technique or vuln-search-technique for the backend), or general binary exploitation (pwn-ctf or reversing-technique).
4SKILL.mdUpdated Jun 2, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 2, 2026