public-skills-builder
by shuvonsec
Generate Claude Code bug bounty skills from public HackerOne reports and GitHub writeups — 18 vuln classes, no private reports needed
165stars
33forks
Python
Added 3/19/2026
Installation
# Add to your Claude Code skills
git clone https://github.com/shuvonsec/public-skills-builderPublic Skills Builder
Generate Claude Code bug bounty skills from public HackerOne reports and GitHub writeups — no private reports needed.
Feed it 500+ public bug bounty reports. Get back 18 ready-to-use Claude Code skill files — one per vulnerability class — packed with real-world techniques, payloads, and bypass patterns.
Quick Start · Output · Sources · Usage
Why Use This
Bug bounty reports are the best training data for hunting. This tool reads hundreds of disclosed HackerOne reports and community writeups, then uses Claude to distill them into structured skill files you can load directly into Claude Code.
No private reports required. Everything comes from public data.
Quick Start
git clone https://github.com/shuvonsec/public-skills-builder
cd public-skills-builder
python3 -m venv .venv
source .venv/bin/activate
pip install anthropic requests
cp .env.example .env
# Edit .env — add your ANTHROPIC_API_KEY
Sources
| Source | Auth needed | What it fetches | |--------|-------------|-----------------| | HackerOne public feed | None | Publicly disclosed reports | | HackerOne REST API | H1 API key | Your own resolved reports | | GitHub writeup repos | None (optional token) | 1,200+ community writeups |
Output
Comments (0)
to leave a comment.
No comments yet. Be the first to share your thoughts!
Related Skills
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
172,206
Popular in Testing
Top skills in this category by stars
Claude Code Skill for browser automation with Playwright. Model-invoked - Claude autonomously writes and executes custom automation for testing and validation.
2,552