Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

ghostonbutterbread/403

Name: 403
Author: ghostonbutterbread

skills/403/SKILL.md

npx skillsauth add ghostonbutterbread/bug-bounty-harness 403

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

403 Forbidden Bypass

Use only after a concrete 403 Forbidden response is observed on an in-scope endpoint.

This is a RAG-style child skill. Classify why the 403 exists, load one focused reference pack, then test the smallest safe bypass family.

Load Order

Read program scope, owned-account context, active live-testing policy, and the current agent's assigned surface.
Resolve $HARNESS_ROOT; default is /home/ryushe/projects/bug_bounty_harness.
Confirm the endpoint returned 403 in the current owned context and is agent-owned, assigned server/API surface, or tied to Ryushe's approved test account set.
Read $HARNESS_ROOT/prompts/403-context-pack.md.
Classify the lane:
- path or route normalization -> $HARNESS_ROOT/skills/403/references/technique-packs/path-normalization.md
- trusted route/client headers -> $HARNESS_ROOT/skills/403/references/technique-packs/trusted-headers.md
- auth-state or owned-account comparison -> $HARNESS_ROOT/skills/403/references/technique-packs/auth-state.md
- JWT/Bearer/cookie token controls authorization -> load /jwt-auth
Read $HARNESS_ROOT/prompts/403-playbook.md for deep review, stuck analysis, or report writing.
Route instead of duplicating:
- JWT algorithm, signature, claim, key-source, or token format behavior -> /jwt-auth
- broader header behavior -> /headers
- WAF or bot enforcement -> /waf
- object ownership or role boundary -> /access-control or /idor
- broader mutation families -> /bypass

Workflow

Capture the baseline 403 with method, full URL, auth state, redirects, body length, response headers, and visible denial reason.
Record why the endpoint/resource is safe to probe.
Load one lane reference pack.
Run a bounded pass: baseline, one mutation family, compare, then stop or pivot.
Record the result as a note unless there is a security-relevant delta.

Proof Standard

Promote only when a mutation changes authorization, route reachability, protected behavior, or approved-account boundary in a reproducible way.

Do not promote cosmetic error changes, soft redirects, cache artifacts, public data, generic 403 pages, or caller-owned access.

Stop Conditions

Stop if the resource belongs to a real user or organization outside approved accounts, the endpoint is out of scope, the path is destructive, the block is rate-limit/WAF enforcement, or the next step would bypass billing, abuse controls, privacy controls, or explicit program policy.

Evidence

Write artifacts under $HARNESS_SHARED_BASE/{program}/agent_shared/findings/bypass/ or the owning finding lane.

Record full URLs, exact modified headers/path/method, auth state, account/resource ownership, response delta, loaded reference pack, and why the tested resource was safe to probe.

ghostonbutterbread/403

skills/403/SKILL.md

Use when an in-scope endpoint returns 403 Forbidden and the agent owns the endpoint or it is a server endpoint safe to probe with bounded access-bypass checks.

testing

Updated Jun 13, 2026

$ install --global

skillsauth

npx skillsauth add ghostonbutterbread/bug-bounty-harness 403

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 13, 2026, 2:33 AM23.3s5 files scanned

SKILL.md

name:: 403
description:: Use when an in-scope endpoint returns 403 Forbidden and the agent owns the endpoint or it is a server endpoint safe to probe with bounded access-bypass checks.

403 Forbidden Bypass

Use only after a concrete 403 Forbidden response is observed on an in-scope endpoint.

This is a RAG-style child skill. Classify why the 403 exists, load one focused reference pack, then test the smallest safe bypass family.

Load Order

Read program scope, owned-account context, active live-testing policy, and the current agent's assigned surface.
Resolve $HARNESS_ROOT; default is /home/ryushe/projects/bug_bounty_harness.
Confirm the endpoint returned 403 in the current owned context and is agent-owned, assigned server/API surface, or tied to Ryushe's approved test account set.
Read $HARNESS_ROOT/prompts/403-context-pack.md.
Classify the lane:
- path or route normalization -> $HARNESS_ROOT/skills/403/references/technique-packs/path-normalization.md
- trusted route/client headers -> $HARNESS_ROOT/skills/403/references/technique-packs/trusted-headers.md
- auth-state or owned-account comparison -> $HARNESS_ROOT/skills/403/references/technique-packs/auth-state.md
- JWT/Bearer/cookie token controls authorization -> load /jwt-auth
Read $HARNESS_ROOT/prompts/403-playbook.md for deep review, stuck analysis, or report writing.
Route instead of duplicating:
- JWT algorithm, signature, claim, key-source, or token format behavior -> /jwt-auth
- broader header behavior -> /headers
- WAF or bot enforcement -> /waf
- object ownership or role boundary -> /access-control or /idor
- broader mutation families -> /bypass

Workflow

Capture the baseline 403 with method, full URL, auth state, redirects, body length, response headers, and visible denial reason.
Record why the endpoint/resource is safe to probe.
Load one lane reference pack.
Run a bounded pass: baseline, one mutation family, compare, then stop or pivot.
Record the result as a note unless there is a security-relevant delta.

Proof Standard

Promote only when a mutation changes authorization, route reachability, protected behavior, or approved-account boundary in a reproducible way.

Do not promote cosmetic error changes, soft redirects, cache artifacts, public data, generic 403 pages, or caller-owned access.

Stop Conditions

Evidence

Write artifacts under $HARNESS_SHARED_BASE/{program}/agent_shared/findings/bypass/ or the owning finding lane.

Record full URLs, exact modified headers/path/method, auth state, account/resource ownership, response delta, loaded reference pack, and why the tested resource was safe to probe.

Related Skills

ghostonbutterbread/request-exploration

testing

VerifiedTrustedCommunity

Systematic live request mutation: flip booleans, field ops, headers, content-type, parser differentials, replay vs intercept, null/empty testing. Inherits live-testing-policy scope/rate/ownership rules.

SKILL.mdUpdated Jun 13, 2026

ghostonbutterbread/request-exploration

ghostonbutterbread/password-reset

development

VerifiedTrustedCommunity

Test password reset, forgot-password, reset-token, email reset, and account recovery flows for account takeover risks.

SKILL.mdUpdated Jun 13, 2026

ghostonbutterbread/password-reset

ghostonbutterbread/intelligent-fuzzing

tools

VerifiedTrustedCommunity

Targeted param/field discovery using tech stack clues, naming conventions, and controlled-rate ffuf — then feeds findings into request-exploration for mutation. Not brute-force; informed and scoped.

SKILL.mdUpdated Jun 13, 2026

ghostonbutterbread/intelligent-fuzzing

ghostonbutterbread/create-account

testing

VerifiedTrustedCommunity

Ghost-only workflow for creating approved bug bounty test accounts and saving credential references.

SKILL.mdUpdated Jun 13, 2026

ghostonbutterbread/create-account

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/ghostonbutterbread/bug-bounty-harness.git

# Copy into Claude Code skills folder (global)
cp -r bug-bounty-harness/skills/403 ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

ghostonbutterbread/bug-bounty-harness

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT