# chain

Install: `npx mdskill add H-mmer/pentest-agents/chain`

Source file: `.github/skills/chain/SKILL.md` in H-mmer/pentest-agents on GitHub
---
name: chain
description: "Build deep exploit chains — dispatches chain-builder agent. Given bug A, recursively walks the chain graph. Usage: /chain (then describe bug A)"
disable-model-invocation: false
---
Build exploit chain from: $ARGUMENTS
## Process
1. Read brain for current target context:
   `uv run python3 $CLAUDE_PROJECT_DIR/tools/brain.py brief <target>`
2. Get bug A description:
   - If `$ARGUMENTS` contains a bug description → use it
   - Else if brain has a recent confirmed finding → use that
   - Else → ask user to describe the confirmed bug
3. Read `rules/chain-table.md` — the capability→next-bug table
4. Read `policy.md` — extract policy preamble for the agent
5. **ALWAYS dispatch `chain-builder` agent** (model: inherit) with:
   - The confirmed bug A description (exact HTTP request/response)
   - The full chain table from `rules/chain-table.md`
   - Policy preamble (scope + required headers + restrictions)
   - Brain context (tech stack, tested endpoints, known capabilities)
   - Writeup intelligence: call `search_writeups "chain <bug class> escalation"` if MCP available
6. After agent returns:
   - If chain found:
     - `uv run python3 $CLAUDE_PROJECT_DIR/tools/brain.py record <target> confirmed "chain: <summary>" "<full chain>"`
     - Show chain to user with combined impact and CVSS
     - Suggest: `/validate` then `/report`
   - If dead end:
     - `uv run python3 $CLAUDE_PROJECT_DIR/tools/brain.py record <target> exhausted "chain from <bug A>" "<candidates tried>"`
     - Show what was tried and why it failed

No inline chain logic. No capability table. The chain-builder agent does all the work.
## Top-Tier Chain Standard
A chain is valuable only when each link grants a concrete capability.
Before dispatching, classify bug A as one capability:
- identity control: login, link, session, token, role, invite
- data read: PII, secrets, tenant data, internal API response
- data write: config, webhook, template, profile, billing, integration
- execution: script, server-side call, command, workflow run, model/tool action
- network pivot: SSRF, callback, metadata, internal host reachability
Ask the chain-builder for three paths: fastest proof, highest impact, and safest policy-compliant path. Kill chains that require guessing, prohibited data access, or unbounded scanning. A reportable chain must include end-to-end reproduction, where link 2 consumes the capability from link 1 rather than merely coexisting with it.
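The dispatch above asks chain-builder to walk a capability graph from bug A and return three paths. The following is an added example, not code from H-mmer/pentest-agents: a small Python walk over the five capability classes listed above. The edge table, its effort/impact/risk weights and the policy flags are constructed assumptions standing in for `rules/chain-table.md`, which is not on this page. Each link records which capability it consumes and which it grants, so two bugs that merely coexist cannot form a chain, and links that need guessing, prohibited data access or unbounded scanning are killed before the walk ever takes them.

```python
"""Chain-graph walk over the capability classes listed above.

Added example, not code from H-mmer/pentest-agents: the edge table below
and its effort/impact/risk weights stand in for rules/chain-table.md,
which is not on this page, and are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Link:
    src: str                          # capability the attacker already holds
    dst: str                          # capability this link grants
    technique: str                    # how dst is obtained by consuming src
    effort: int                       # proof cost, lower = faster to demonstrate
    impact: int                       # impact this link adds to the chain
    risk: int                         # side effects on the target (reads < writes < execution)
    requires_guessing: bool = False   # brute force or blind guessing needed
    prohibited_data: bool = False     # touches data the policy forbids
    unbounded_scan: bool = False      # open-ended scanning of internal ranges

    def killed(self) -> bool:
        """Kill rule from the standard above: never take a link that needs any of these."""
        return self.requires_guessing or self.prohibited_data or self.unbounded_scan


# Constructed chain table (assumption standing in for rules/chain-table.md).
CHAIN_TABLE = (
    Link("network pivot", "data read", "SSRF to cloud metadata returns instance credentials", 2, 5, 1),
    Link("network pivot", "execution", "SSRF reaches unauthenticated internal admin RPC", 4, 8, 5),
    Link("network pivot", "data read", "SSRF port sweep of 10.0.0.0/8", 6, 3, 2, unbounded_scan=True),
    Link("data read", "identity control", "leaked session token replayed as the victim", 3, 6, 1),
    Link("data read", "data write", "leaked API key accepted by the config endpoint", 2, 4, 3),
    Link("data read", "identity control", "brute-force the password reset code", 5, 6, 1, requires_guessing=True),
    Link("identity control", "data write", "admin session edits the webhook target", 1, 3, 3),
    Link("identity control", "data read", "admin session exports all customer PII", 1, 7, 1, prohibited_data=True),
    Link("data write", "execution", "webhook target pointed at the internal job runner", 3, 9, 5),
    Link("data write", "network pivot", "webhook makes the server fetch an attacker URL", 2, 4, 2),
)

Chain = tuple[Link, ...]


def is_consuming(chain: Chain) -> bool:
    """True when every link consumes the capability granted by the previous one.

    Two bugs that merely coexist (a token leak next to an SSRF that never
    uses it) fail this check and are not a reportable chain.
    """
    return all(a.dst == b.src for a, b in zip(chain, chain[1:]))


def walk(start: str, table: tuple = CHAIN_TABLE, min_links: int = 2, max_links: int = 10) -> list[Chain]:
    """Enumerate policy-compliant chains from the capability class assigned to bug A.

    Depth-first: each taken link's dst becomes the new "bug A" for the next
    step. Killed links are skipped, and a capability class is not revisited
    so the walk always terminates.
    """
    found: list[Chain] = []

    def dfs(current: str, path: Chain, seen: frozenset) -> None:
        if len(path) >= max_links:
            return
        for link in table:
            if link.src != current or link.dst in seen or link.killed():
                continue
            extended = path + (link,)
            if len(extended) >= min_links:
                found.append(extended)
            dfs(link.dst, extended, seen | {link.dst})

    dfs(start, (), frozenset({start}))
    return found


def rank(chains: list[Chain]) -> dict[str, Chain]:
    """Pick the three paths the dispatch asks for; ties fall to the other two metrics."""
    effort = lambda c: sum(link.effort for link in c)
    impact = lambda c: sum(link.impact for link in c)
    risk = lambda c: sum(link.risk for link in c)
    return {
        "fastest proof": min(chains, key=lambda c: (effort(c), -impact(c), risk(c))),
        "highest impact": max(chains, key=lambda c: (impact(c), -effort(c), -risk(c))),
        "safest": min(chains, key=lambda c: (risk(c), effort(c), -impact(c))),
    }


def describe(chain: Chain) -> str:
    """Render a chain as 'capA -> capB -> capC' for the brain record or the report."""
    return " -> ".join([chain[0].src] + [link.dst for link in chain])


if __name__ == "__main__":
    chains = walk("network pivot")
    for label, chain in rank(chains).items():
        print(f"{label}: {describe(chain)}")
        for link in chain:
            print(f"    {link.src} -> {link.dst}: {link.technique}")
```

Run from `network pivot`, the constructed table gives a fastest path through the leaked API key into a config write, a highest-impact path that ends in execution on the job runner, and a safest path that stays read-only after the initial SSRF. The real chain-builder makes the same selection over the live chain table, but confirms each link against the target before treating its capability as the next bug A.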