Custom Skills
Custom skills extend Cyberstrike with your own slash commands, automating common workflows and tasks.
📸 SCREENSHOT: custom-skills.png
Custom skill definition
Overview
Custom skills allow you to:
- Create reusable prompts
- Define workflow automations
- Share team conventions
- Standardize security tests
Skill Definition
Basic Skill
---name: quick-scandescription: Run a quick security scan on a targetargs: - name: target description: Target URL or IP required: true---
Perform a quick security scan on {{target}}:
1. Check if the target is reachable2. Identify open ports (top 100)3. Detect web technologies4. Run basic vulnerability checks5. Summarize findings
Focus on speed over thoroughness.Usage
/quick-scan example.comSkill Configuration
Frontmatter Options
| Field | Type | Description |
|---|---|---|
name | string | Command name (required) |
description | string | Help text description |
args | array | Command arguments |
model | string | Override model for skill |
agent | string | Override agent for skill |
permission | string | Permission mode |
Arguments
args: - name: target description: Target to scan required: true type: string
- name: depth description: Scan depth required: false default: "standard" type: string choices: - quick - standard - deepTemplate Variables
---name: scanargs: - name: target - name: ports default: "1-1000"---
Scan {{target}} on ports {{ports}}.Skill Examples
Full Web Scan
---name: full-web-scandescription: Comprehensive web application security scanargs: - name: url description: Target URL required: trueagent: web-application---
Perform a comprehensive security assessment on {{url}}:
## Phase 1: Reconnaissance1. Identify subdomains2. Enumerate technologies3. Map attack surface
## Phase 2: Vulnerability Scanning1. Test for OWASP Top 102. Check for misconfigurations3. Identify outdated components
## Phase 3: Authentication Testing1. Test login mechanisms2. Check session management3. Verify access controls
## Phase 4: Reporting1. Compile all findings2. Prioritize by severity3. Provide remediation guidance
Document all findings with evidence.Code Review
---name: code-reviewdescription: Security-focused code reviewargs: - name: path description: File or directory to review required: true---
Perform a security code review on {{path}}:
Focus areas:1. **Injection vulnerabilities** - SQL injection - Command injection - XSS
2. **Authentication/Authorization** - Credential handling - Session management - Access controls
3. **Data Protection** - Sensitive data exposure - Encryption usage - Secret management
4. **Error Handling** - Information leakage - Proper logging - Fail-safe defaults
Report findings with:- File and line number- Severity rating- Code snippet- Remediation recommendationNetwork Recon
---name: network-recondescription: Network reconnaissance and enumerationargs: - name: target description: Network range or host required: true - name: depth default: standardagent: internal-network---
Perform network reconnaissance on {{target}}:
{% if depth == "quick" %}Quick scan:- Host discovery- Top 100 ports- Service detection{% elif depth == "deep" %}Deep scan:- Full port scan- Service enumeration- OS detection- Vulnerability scanning- Banner grabbing{% else %}Standard scan:- Host discovery- Top 1000 ports- Service detection- Basic vulnerability checks{% endif %}
Document:- Live hosts- Open ports and services- Potential vulnerabilities- Recommended next stepsBug Bounty Recon
---name: bb-recondescription: Bug bounty reconnaissance workflowargs: - name: domain required: trueagent: bug-hunter---
Bug bounty reconnaissance for {{domain}}:
## Subdomain Enumeration1. Passive sources (crt.sh, SecurityTrails)2. DNS brute force3. Permutation scanning
## Asset Discovery1. Probe live hosts2. Identify technologies3. Screenshot endpoints
## Content Discovery1. Directory enumeration2. Parameter mining3. JavaScript analysis4. Wayback Machine
## Vulnerability Identification1. Subdomain takeover checks2. Open redirect testing3. CORS misconfiguration4. Information disclosure
Store all findings in memory for future reference.Skill Organization
Directory Structure
.cyberstrike/└── skills/ ├── recon/ │ ├── subdomain.md │ ├── port-scan.md │ └── tech-detect.md ├── testing/ │ ├── sqli.md │ ├── xss.md │ └── auth.md └── reporting/ ├── executive.md └── technical.mdNamespaced Skills
/recon/subdomain example.com/testing/sqli https://target.com/page?id=1/reporting/executiveGlobal Skills
Store skills globally for all projects:
~/.cyberstrike/skills/├── my-quick-scan.md└── my-report.mdConditional Logic
If/Else
{% if args.verbose %}Provide detailed output with all evidence.{% else %}Provide concise summary.{% endif %}Loops
{% for check in ["sqli", "xss", "idor"] %}- Test for {{check}}{% endfor %}Including Other Skills
Chain Skills
---name: full-assessment---
Run the following in sequence:
1. First: /network-recon {{target}}2. Then: /full-web-scan {{target}}3. Finally: /reporting/executive
Compile all findings into a comprehensive report.Skill Variables
Environment Variables
Scan using API key: {{env.API_KEY}}Session Variables
Continue scanning {{session.target}} from previous findings.Config Variables
Using model: {{config.model}}Publishing Skills
Share with Team
# Copy to shared locationcp -r .cyberstrike/skills/* /shared/cyberstrike-skills/
# Or use gitgit add .cyberstrike/skills/git commit -m "Add security testing skills"npm Package
{ "name": "@team/cyberstrike-skills", "cyberstrike": { "skills": [ "skills/*.md" ] }}Best Practices
- Clear descriptions - Help users understand what skills do
- Sensible defaults - Provide good defaults for optional args
- Consistent naming - Use clear, descriptive names
- Documentation - Include examples in skill description
- Modularity - Create focused, composable skills
- Error handling - Account for edge cases
Tip
Start with simple skills and gradually add complexity as needed.
Related Documentation
- Slash Commands Overview - All commands
- Agents - Agent configuration
- Configuration - Skill settings