Claude Code Skills·Claude Skills·The open SKILL.md registry for Claude
ClaudSkills / Security / web-security

Offensive Reporting

Category: Security  ·  Sub-category: web-security  ·  Last updated:
Penetration test and red team report writing methodology. Covers executive summary structuring (risk-led narrative for non-technical readers), technical finding format (title, severity, affected scope, narrative, reproduction steps, impact, remediation, references), CVSS v3.1 / v4.0 scoring with vector justification, OWASP risk rating, evidence hygiene (redacting credentials, hashing client data, time-stamping every action), screenshot and PoC artifact management, finding chain narratives, scope/limitations/assumptions documentation, retest evidence and remediation tracking, deliverable formats (PDF, DOCX, HTML, JSON for SIEM ingestion), client-customer-deliverable separation, and common report mistakes (over-CVSSing, undermining the triager, missing the 'so what'). Use at the end of an engagement when authoring a deliverable, when restructuring a draft for executive readability, or when establishing a reusable report template for a consulting practice.

From the source SKILL.md

A great finding lost in a bad report is a wasted finding. Reports are the artifact the client pays for, the auditor reads, and the developer fixes from. Treat the report with the same rigor as the exploit.

What this skill does

Offensive Reporting is a community-contributed Claude Code skill in the web-security sub-category. It ships as a SKILL.md file that Claude Code auto-discovers under ~/.claude/skills/offensive-reporting/ and loads when your prompt matches the skill's trigger.

Who uses this skill

The Offensive Reporting Claude Code skill is built for security engineers, penetration testers, DevSecOps practitioners, and development teams hardening codebases and infrastructure. It's part of ClaudSkills (also referred to as Claude Skills or Claude Code Skills) — the open community-curated registry of 69,000+ SKILL.md files for Anthropic's Claude Code agent and the wider Claude ecosystem (Claude API, Claude Agent SDK).

How to install

Free

Manual install (2 steps)

mkdir -p ~/.claude/skills/offensive-reporting
curl -L https://claudskills.com/skills/offensive-reporting/SKILL.md \
  -o ~/.claude/skills/offensive-reporting/SKILL.md

Or just download SKILL.md directly and drop it into ~/.claude/skills/offensive-reporting/. Claude Code auto-discovers it on next session.

Skills live at ~/.claude/skills/offensive-reporting/SKILL.md on macOS/Linux, or %USERPROFILE%\.claude\skills\offensive-reporting\SKILL.md on Windows. See the full install guide for step-by-step instructions.

Pro

One-click install via the desktop app

The ClaudSkills desktop app installs any skill directly into ~/.claude/skills/ with one click — no terminal required. Pro starts at $9/mo or $149 lifetime.

Pro

For the full experience including quality scoring and one-click install features for each skill — upgrade to Pro.

See pricing → Download desktop app

Attribution & license

More Security skills

Browse all Security skills in the ClaudSkills registry, or explore these other picks from the same category:

Browse all Security skills → Top 100 skills
Part of ClaudSkills — the open registry for Claude Skills & Claude Code Skills.  ·  What's New  ·  Install guide  ·  About  ·  llms.txt

Part of Acreator Store — Adam Lankamer's AI tools: PerfectStudio · Ucaption · UTagger · AutoXPoster · TestYourSkills · AutomationFlows · Au Naturel

Categories

Use cases

Popular tags

Learn

Site