Open-source Claude Code skills and agents for AI-powered penetration testing, bug bounty hunting, and security research.
communitytools is worth checking the docs before setup with strong trust signals. Check agent compatibility and use-case fit before adding it to your workflow.
npx skills add transilienceai/communitytoolsRun the command in your terminal.
Confirm that the skill files were added to your agent workspace.
Check the README requirements before invoking the skill in your agent.
This repository provides a set of ready-to-use skills and agents for Claude Code that automate security testing tasks like penetration testing, bug bounty hunting, and vulnerability scanning. It includes 26 skills covering the full testing lifecycle, from reconnaissance to reporting, and integrates with tools like Playwright for browser automation. The skills are designed to be used with Claude Code CLI, and a Docker setup is available for easy deployment.
Transilience AI Community Tools is a comprehensive, open-source security testing suite built for Claude Code. It contains 26 skills and 3 tool integrations that cover the entire penetration testing lifecycle, from initial reconnaissance to final reporting. The suite is designed to be AI-powered, leveraging Claude's capabilities to coordinate intelligent security testing workflows. It provides complete OWASP Top 10 and OWASP LLM Top 10 coverage, professional reporting with CVSS 3.1, CWE, and MITRE ATT&CK frameworks, and includes Playwright integration for browser-based client-side vulnerability testing. The repository also includes 160+ reference files with inline PayloadsAllTheThings techniques, making it a valuable resource for security researchers and penetration testers. The tools are MIT licensed and can be used for both commercial and personal projects. A Docker setup is available that spins up a Kali Linux container with all necessary tools pre-installed, simplifying the setup process.
Strong trust signals; still review the README and permissions before production use.
Last commit was about 9 days ago.
333 GitHub stars indicate community interest.
7 open issues signal maintenance load.
MIT license detected.
Automate penetration testing of web applications using AI-driven workflows.
Conduct bug bounty hunting on platforms like HackerOne with automated reconnaissance and reporting.
Perform security reconnaissance and vulnerability scanning for internal or external networks.
Generate professional security reports with CVSS scoring and MITRE ATT&CK mapping.
Test client-side vulnerabilities using Playwright browser automation.
The tool requires running Claude Code with --dangerously-skip-permissions, which can execute arbitrary commands on your system.
Automated security testing may trigger alarms on target systems or violate terms of service if used without authorization.
The Docker setup runs a Kali Linux container with full security tools, which could be misused if not properly secured.
333
Stars
64
Forks
7
Issues
MIT
License
Vercel's official collection of packaged instructions and scripts that extend AI coding agent capabilities.
Official Supabase agent skills to help AI agents work accurately with Supabase products.
A best-practices skill for Terraform and OpenTofu AI agents, enabling testing, module structuring, CI/CD, and production infrastructure code.
3 security/trust notes recorded.
Setup difficulty is 3/5.