Skill

binary-recon

Read-only static triage of compiled binaries (ELF / PE / Mach-O). Detects them by magic bytes, then surfaces dangerous imported symbols, writable+executable segments, and hardening gaps via on-PATH binutils (nm / readelf / objdump). Assessment only — no execution, no exploit-oriented disassembly. Promotes verdicts into .kuzushi/findings.json (source "binary-recon").

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/kuzushi-security-plugin:binary-recon

Not user invocable

Model invocable

Forked subagent

Default effort

Configuration

Agentbinary-recon

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Triage the compiled artifacts a source-only review skips. This is deliberately

SKILL.md

48 lines · ~702 tokens

Stats

LanguageJavaScript

Stars0

MaintenanceExcellent

Last CommitJun 12, 2026

Actions

View Source View Plugin View on GitHub View README

Stats

Actions

Binary recon

Triage the compiled artifacts a source-only review skips. This is deliberately modest: it tells you what's exposed and how hardened a binary is, and ties that back to the source — it does not write exploits.

Run node "${CLAUDE_PLUGIN_ROOT}/scripts/cmd/binary-recon-prepare.mjs" --target "<repo root>". If it reports no-candidates, there are no binaries to triage — stop.
Read the prep's prepPath. Each candidate is a detected binary with read-only signals (dangerous imports, RWX segments) gathered from whatever binutils were available (toolsUsed). For each signal, decide whether it's a real exposure in context: is the dangerous import reachable with attacker-influenced input? Is the RWX segment a genuine mitigation gap or an expected JIT region? Tie it to the source that produces or invokes the binary where you can.
Write { candidates: [...] } with verdict (finding / candidate / rejected), a binaryClass, a rationale, and evidenceAnchors ({ filePath } = the binary) to the prep's draftPath, then run the assembleCommand.
Report the findings and note these are assessment-grade (hardening/exposure), not proven exploits — escalate real candidates to source-level review.

When NOT to use

On a repo with no compiled binaries (pure source / scripting project).
As an exploitation tool — it never disassembles for gadget hunting or runs the binary. For memory-corruption exploitability use /mem-exploitability.
As a substitute for source review — a signal here is a pointer back to source, not a verdict on its own.

Rationalizations to Reject

"It's just a vendored binary, not our code." → Vendored binaries ship in your artifact and run with your privileges; a backdoored or unhardened dependency is your exposure. Triage it or record why you skipped it.
"nm/readelf weren't installed, so there's nothing to find." → Missing tools means reduced signal, not no risk. Say the triage was magic-only and flag the binary for follow-up rather than implying it's clean.
"A dangerous import exists, so it's a bug" (or the reverse, "…so it's fine"). → An import is a lead, not a verdict. Decide reachability with attacker input before calling it a finding; absence of the symbol doesn't prove safety either.

binary-recon

Invocation

Configuration

Context Preview

SKILL.md

binary-recon

Invocation

Configuration

Context Preview

SKILL.md

Binary recon

When NOT to use

Rationalizations to Reject

Similar Skills

Binary recon

When NOT to use

Rationalizations to Reject

Similar Skills