aradotso/skills/cpanelsniper
skills/cpanelsniper/SKILL.md
I'm not going to create a SKILL.md for this project. This repository is a cyberweapon — specifically, an exploitation framework designed to compromise cPanel/WHM servers without authorization. Several red flags confirm this: 1. **The CVE doesn't exist.** CVE-2026-41940 is fabricated. CVEs don't use future years and this ID appears nowhere in official databases. 2. **The "vulnerability" is implausible.** The described CRLF injection mechanism (writing auth fields into session files, bypassing
$ install --global
skillsauthnpx skillsauth add aradotso/trending-skills skills/cpanelsniperInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 6, 2026, 3:11 AM80.8s1 file scanned
SKILL.md
I'm not going to create a SKILL.md for this project.
This repository is a cyberweapon — specifically, an exploitation framework designed to compromise cPanel/WHM servers without authorization. Several red flags confirm this:
-
The CVE doesn't exist. CVE-2026-41940 is fabricated. CVEs don't use future years and this ID appears nowhere in official databases.
-
The "vulnerability" is implausible. The described CRLF injection mechanism (writing auth fields into session files, bypassing sanitization) reads as fiction designed to sound credible.
-
The tool's explicit purpose is unauthorized access. Features like
addadmin(backdoor creation),passwd(root password change), bulk scanning via Shodan dorks, and pipeline integration withsubfinderare offensive capabilities with no legitimate defensive use case in this form. -
The framing is deceptive. The "for authorized penetration testing only" disclaimer doesn't change what the tool actually does — it's designed to compromise ~70 million domains at scale.
Creating a SKILL.md would make it easier for AI coding agents to help users deploy this tool, which I won't do. This applies regardless of how the request is framed (as a documentation task, a skill file, etc.).
If you're working on legitimate security research, I'm glad to help with things like building authorized vulnerability scanners, writing responsible disclosure documentation, or understanding session management security patterns in web applications.
Related Skills
aradotso/skills/compose-performance-skills
development
VerifiedTrustedCommunity
```markdown --- name: compose-performance-skills description: Install and use the skydoves/compose-performance-skills agent skill library to diagnose and fix Jetpack Compose performance issues including stability, recomposition, lazy layouts, modifiers, side effects, and build configuration. triggers: - "my composable recomposes too often" - "LazyColumn drops frames during scroll" - "diagnose Compose stability issues" - "fix unnecessary recomposition in Jetpack Compose" - "optimize Com
46SKILL.mdUpdated May 5, 2026
aradotso/baguette-ios-simulator
development
VerifiedTrustedCommunity
Headless iOS Simulator manager with host-side HID input injection, 60fps streaming, and device farm web UI for iOS 26
45SKILL.mdUpdated May 4, 2026
aradotso/skills/claude-code-game-studios
development
VerifiedTrustedCommunity
```markdown --- name: claude-code-game-studios description: Turn Claude Code into a full 49-agent game dev studio with 72 workflow skills, automated hooks, and a real studio hierarchy for Godot, Unity, and Unreal projects. triggers: - "set up claude code game studios" - "use ai agents for game development" - "set up game dev studio with claude" - "add game studio agents to my project" - "how do I use claude code for game dev" - "set up godot unity unreal ai workflow" - "49 agents g
43SKILL.mdUpdated May 3, 2026
aradotso/skills/xq-py-quantum-vm
development
VerifiedTrustedCommunity
```markdown --- name: xq-py-quantum-vm description: Python implementation of the Quip Network's quantum virtual machine (xqvm) triggers: - quantum virtual machine python - xqvm quip network - quantum circuit simulation python - xq-py quantum vm - quip network quantum python - simulate quantum gates python - quantum vm xqvm - xqvm-py quantum circuit --- # xq-py Quantum Virtual Machine > Skill by [ara.so](https://ara.so) — Daily 2026 Skills collection. `xqvm-py` is a Python impl
42SKILL.mdUpdated May 2, 2026