santosomar/pt-embedded-device-assessment
skills/pt-embedded-device-assessment/SKILL.md
Performs authorized security assessment of embedded and IoT devices across hardware, firmware, interfaces, and update mechanisms. Use when testing device boot flows, debug interfaces, firmware integrity, and local/network attack surfaces.
$ install --global
skillsauthnpx skillsauth add santosomar/ethical-hacking-agent-skills pt-embedded-device-assessmentInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 6:19 PM96.3s1 file scanned
SKILL.md
- name:
- pt-embedded-device-assessment
- description:
- Performs authorized security assessment of embedded and IoT devices across hardware, firmware, interfaces, and update mechanisms. Use when testing device boot flows, debug interfaces, firmware integrity, and local/network attack surfaces.
Embedded Device Assessment
Authorized Use Only
Embedded testing can damage hardware or interrupt operations. Confirm explicit authorization, safe handling procedures, and recovery plans before interacting with devices.
Objectives
- Evaluate device security from physical access through runtime operation.
- Identify weaknesses in firmware, interfaces, and update paths.
- Determine practical exploitability and fleet-level impact.
Workflow
- Define test environment:
- Device models, firmware versions, accessories, and network topology
- Recovery procedures, spare hardware, and fail-safe boundaries
- Enumerate interfaces:
- Physical (UART/JTAG/SWD), wireless, network services, companion apps
- Boot modes and exposed maintenance/debug channels
- Assess firmware and boot trust:
- Firmware extraction and integrity validation where authorized
- Secure boot, signature checks, rollback protections, key handling
- Evaluate runtime security:
- Local and remote service hardening
- Credential storage, update mechanism security, telemetry exposure
- Validate impact and remediation:
- Demonstrate constrained exploitability
- Recommend secure defaults and manufacturing/update controls
Output Template
# Embedded Assessment Output
## Device Context
- Model/version:
- Firmware build:
- Deployment context:
## Interface Findings
- Interface:
- Exposure:
- Weakness:
- Evidence:
- Impact:
## Firmware and Boot Findings
- Control tested:
- Result:
- Evidence:
- Risk:
## Remediation Plan
- Immediate mitigations:
- Long-term architecture fixes:
- Validation/retest steps:
Quality Checks
- Safety and recovery constraints are documented and followed.
- Findings distinguish single-device vs fleet-wide risk.
- Recommendations address lifecycle: manufacturing, provisioning, updates, and decommissioning.
Related Skills
santosomar/pt-web-application-assessment
development
VerifiedTrustedCommunity
Performs authorized web application and API penetration testing with focus on OWASP-style risks and business logic flaws. Use when assessing websites, web APIs, authentication flows, session handling, and input validation.
12SKILL.mdUpdated Apr 25, 2026
santosomar/pt-scanning
testing
VerifiedTrustedCommunity
Performs authorized security scanning using static, dynamic, and vulnerability-focused methods. Use when mapping exposed services, profiling application behavior, and identifying known weaknesses for validation.
12SKILL.mdUpdated Apr 25, 2026
santosomar/pt-report-creation
testing
VerifiedTrustedCommunity
Creates penetration test deliverables for executive and technical audiences, including prioritized findings and remediation plans. Use when drafting, structuring, or finalizing pen test reports from collected evidence.
12SKILL.mdUpdated Apr 25, 2026
santosomar/pt-post-exploitation
testing
VerifiedTrustedCommunity
Performs authorized post-exploitation activities to assess impact, lateral movement paths, credential exposure, and detection gaps after initial compromise. Use when a foothold has been validated and the test requires controlled impact expansion analysis.
12SKILL.mdUpdated Apr 25, 2026