A curated library of offensive-security skills for the Claude Skills system. SQLi, shellcode, EDR evasion, exploit dev — 38 SKILL.md files spanning the work an offensive operator actually does. Drop-in capabilities for agent harnesses that need real adversarial coverage. Each skill is small, sharp, and reads in under a minute.
SQLi · SSRF · CSRF · path traversal · prototype pollution · XSS chains
Stack overflows · heap shaping · ROP · format strings · ret2libc
x86_64 / arm64 / msf-compatible · staged · stageless · custom encoders
Direct syscalls · unhooking · AMSI bypass · ETW patching
C2 channel design · DNS tunneling · ICMP exfil · domain fronting · jitter
K8s breakouts · IMDS abuse · IAM enumeration · privesc paths
Kerberoasting · DCsync · BloodHound triage
Persistence · privesc · lateral · log evasion
Subdomain · CT · cloud bucket discovery · code-search recon
Each skill is a single SKILL.md file. The file is short — usually 80 to 200 lines — because skills aren't scripts. They are operating instructions for an agent that will write the script, in context, against a target the agent has in front of it.
The skill describes when to apply the technique, what to look for, what the expected indicators of success are, and what to do if it doesn't land. It does not pre-bake the exploit, because the exploit only makes sense in context. Pre-baking is what makes the average "AI security skill" library brittle the moment the target deviates from the demo.
This is also why Claude-Red is small. 38 skills, not 380. Most "more" is filler — and a skill an operator can't memorize the shape of is a skill the operator won't reach for.
# 1. clone
$ git clone https://github.com/SnailSploit/claude-red
# 2. point your skills loader at it
$ export CLAUDE_SKILLS_DIR=$PWD/claude-red/skills
# 3. drop into a harness

The agent now has 38 new tools available, all reachable through the standard SKILL.md discovery path. No code changes required.