pentest-validation
关于
This skill validates security findings by proving exploitability and eliminating false positives from SAST/DAST scans. It executes a 4-phase pentest pipeline (recon, analysis, validation, report) using specialized security agents. Use it when you need to confirm actual vulnerabilities before reporting them.
快速安装
Claude Code
推荐npx skills add proffesor-for-testing/agentic-qe -a claude-code/plugin add https://github.com/proffesor-for-testing/agentic-qegit clone https://github.com/proffesor-for-testing/agentic-qe.git ~/.claude/skills/pentest-validation在 Claude Code 中复制并粘贴此命令以安装该技能
GitHub 仓库
Frequently asked questions
What is the pentest-validation skill?
pentest-validation is a Claude Skill by proffesor-for-testing. Skills package instructions and resources that Claude loads on demand, so Claude can perform pentest-validation-related tasks without extra prompting.
How do I install pentest-validation?
Use the install commands on this page: add pentest-validation to Claude Code as a plugin, or clone its repository into your skills directory, then restart Claude so it picks up the skill.
What category does pentest-validation belong to?
pentest-validation is in the specialized-testing category, tagged pentest, exploitation, security-validation, shannon, no-exploit-no-report and graduated-exploitation.
Is pentest-validation free to use?
Yes. pentest-validation is listed on AIMCP and free to install. It runs inside Claude, so no separate service account is required to use the skill itself.
相关推荐技能
该Skill提供智能回归测试策略,帮助开发者在验证修复时确保现有功能不被破坏。它通过变更分析和风险评估,自动选择最相关的测试用例来优化测试执行。适用于CI/CD流水线中快速反馈的场景,能显著减少不必要的全量测试时间。
该Skill为iOS和Android应用提供全面的移动端测试支持,涵盖手势、传感器、权限、设备碎片化和性能等关键领域。它适用于测试原生应用、混合应用或移动网页,能确保应用在1000多种设备变体上的质量。开发者可用它来定义设备覆盖矩阵、测试平台差异,并执行自动化专项测试。
该Skill通过变异测试评估测试套件的有效性,自动引入代码变异并计算杀灭率来验证测试质量。它适用于识别薄弱测试、证明测试能真正捕获缺陷,以及评估整体测试覆盖的可靠性。关键能力包括生成变异体、运行测试分析杀灭率,并提供具体的测试改进建议。
该Skill用于跨浏览器、跨平台和跨设备的兼容性测试,确保应用在不同环境下体验一致。它特别适用于验证浏览器支持、测试响应式设计或检查平台兼容性等场景,可并行测试多种浏览器和设备。关键能力包括定义覆盖95%以上用户的浏览器矩阵、测试移动端到桌面端的响应式断点,并支持使用云服务进行高效测试。
