Stats
Actions
Tags
From ultraship
Runs penetration tests on web, API, browser, GitHub, and local code for vulnerabilities like XSS, SQLi, auth flaws, CORS, secrets, with proof-of-concepts using Playwright.
How this command is triggered — by the user, by Claude, or both
Slash command
/ultraship:pentestThe summary Claude sees in its command listing — used to decide when to auto-load this command
Invoke the ultraship:pentest skill to run a full penetration test on this project. Probe for injection vulnerabilities (XSS, SQLi, SSTI, command injection), authentication flaws, CORS misconfigurations, exposed secrets, prototype pollution, race conditions, and more. Every finding includes proof-of-concept. Uses Playwright for browser-side testing.
Invoke the ultraship:pentest skill to run a full penetration test on this project. Probe for injection vulnerabilities (XSS, SQLi, SSTI, command injection), authentication flaws, CORS misconfigurations, exposed secrets, prototype pollution, race conditions, and more. Every finding includes proof-of-concept. Uses Playwright for browser-side testing.
npx claudepluginhub houseofmvps/ultraship --plugin ultraship/pentestPerforms authorized penetration testing with recon, OWASP vuln assessment, PoC exploits, API/web checks, and generates formal MD report with risk ratings in docs/security/. Supports focused modes via flags.
/fire-vuln-scanScans application codebases for OWASP Top 10 vulnerabilities using AI reasoning, with optional deep analysis, category filtering, fix previews, and report generation.
/pentestRuns interactive security assessment on URL or codebase: confirms auth, scans web/dependencies/code, summarizes findings by severity, suggests prioritized fixes, generates JSON report.
/kasi-securityRuns security audit on project codebase: detects stack (PHP/Node/Python/etc.), loads checklist, scans files for SQLi/XSS/CSRF/auth bypass/etc., outputs prioritized findings with confidence labels.
/security-scanScans codebase for vulnerabilities, hardcoded secrets, OWASP Top 10 compliance, and security best practices violations. Produces report with issues and fix recommendations.