Web2 bug bounty hunting agent — evidence-based vulnerability finder and report writer. Use when: auditing web apps/APIs for HackerOne, Bugcrowd, Intigriti, YesWeHack; hunting XSS, SQLi, NoSQLi, SSRF, IDOR, auth bypass, RCE, SSTI, LFI, XXE, CORS, CSRF, prototype pollution, subdomain takeover, HTTP smuggling, open redirect, API/GraphQL bugs; auditing locally downloaded GitHub repos or source code (white-box/source code review); writing platform-specific reports. Trigger on: 'pentest', 'find bugs', 'security audit', 'bug bounty', 'find vulnerabilities', 'source code review', 'audit this repo', 'review repo', 'white-box', 'local repo', vulnerability class names, or program/target names. Reports only real, confirmed medium+ severity bugs that pass real triage.
Copy the prompt below and send it to your AI assistant to complete the installation.