ghostonbutterbread/mullvad
skills/mullvad/SKILL.md
Switch Mullvad VPN relays for scoped bug bounty connectivity, DNS failures, transient page-load failures, or suspected VPN exit-node blocking.
data-ai
Updated May 28, 2026
$ install --global
skillsauthnpx skillsauth add ghostonbutterbread/bug-bounty-harness mullvadInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 28, 2026, 2:30 AM144.0s1 file scanned
SKILL.md
- name:
- mullvad
- description:
- Switch Mullvad VPN relays for scoped bug bounty connectivity, DNS failures, transient page-load failures, or suspected VPN exit-node blocking.
Mullvad Relay Switching
Use when a scoped bug bounty workflow is failing because the current VPN path appears unhealthy: repeated DNS failures, page-load timeouts, connection resets, stuck browser loads, or a likely blocked Mullvad exit IP.
Do not use relay switching to evade target rules, rate limits, account bans, WAF enforcement, or explicit blocking after noisy testing. Treat it as network-path recovery unless Ryushe explicitly approves a different use.
Required Preflight
- Confirm the task is in scope and live testing is allowed.
- Read
$HARNESS_ROOT/prompts/mullvad-playbook.md. - Check current state:
mullvad status mullvad relay get - Capture the exact network symptom before switching: DNS error, timeout, HTTP status, browser error, or proxy observation.
West Coast Relay Ladder
Prefer these city-level constraints first:
mullvad relay set location us sea && mullvad reconnect --wait
mullvad relay set location us lax && mullvad reconnect --wait
mullvad relay set location us sjc && mullvad reconnect --wait
Nearby fallbacks if the West Coast city pool is unhealthy:
mullvad relay set location us phx && mullvad reconnect --wait
mullvad relay set location us den && mullvad reconnect --wait
mullvad relay set location ca van && mullvad reconnect --wait
If a city works but one relay looks bad, rotate within the same city:
mullvad relay set location us sea us-sea-wg-401 && mullvad reconnect --wait
mullvad relay set location us lax us-lax-wg-409 && mullvad reconnect --wait
mullvad relay set location us sjc us-sjc-wg-501 && mullvad reconnect --wait
When To Switch
Switch after two or three clean retries when:
- DNS lookup fails or returns inconsistent results.
- Browser pages hang before the first meaningful response.
- The same scoped URL fails from one relay but proxy/browser setup appears correct.
- The target appears to block the current exit IP before application logic is reached.
- Mullvad reports connected, but traffic is timing out through the current relay.
Do not switch repeatedly during active payload testing. Pause testing, diagnose the network symptom, switch once, reconnect, verify, then continue.
Verification
After each switch:
mullvad status
getent hosts target.example
curl -I --max-time 15 https://target.example/
Replace target.example with the full in-scope host. Do not paste cookies, tokens, auth headers, or private URLs into chat.
Evidence Note
Record under the active program notes:
- prior relay and visible location
- new city/relay
- exact failure symptom
- command used
- post-switch status
- whether the scoped page/API recovered
Stop Conditions
Stop and ask Ryushe if the target explicitly blocks VPNs, the issue looks like an account or application ban instead of network routing, the workflow is state-changing, or more than three relay changes fail to restore basic connectivity.
Related Skills
ghostonbutterbread/request-exploration
testing
VerifiedTrustedCommunity
Systematic live request mutation: flip booleans, field ops, headers, content-type, parser differentials, replay vs intercept, null/empty testing. Inherits live-testing-policy scope/rate/ownership rules.
SKILL.mdUpdated Jun 13, 2026
ghostonbutterbread/password-reset
development
VerifiedTrustedCommunity
Test password reset, forgot-password, reset-token, email reset, and account recovery flows for account takeover risks.
SKILL.mdUpdated Jun 13, 2026
ghostonbutterbread/intelligent-fuzzing
tools
VerifiedTrustedCommunity
Targeted param/field discovery using tech stack clues, naming conventions, and controlled-rate ffuf — then feeds findings into request-exploration for mutation. Not brute-force; informed and scoped.
SKILL.mdUpdated Jun 13, 2026
ghostonbutterbread/create-account
testing
VerifiedTrustedCommunity
Ghost-only workflow for creating approved bug bounty test accounts and saving credential references.
SKILL.mdUpdated Jun 13, 2026