Re-export recon skills from Claude-BugHunter (canonical source)#9
Open
richter83-star wants to merge 6 commits into
Open
Re-export recon skills from Claude-BugHunter (canonical source)#9richter83-star wants to merge 6 commits into
richter83-star wants to merge 6 commits into
Conversation
Tactical-HUD localhost console (no third-party deps) that wraps the bundled helpers behind a browser UI: - Secret Scan tab: recursive path scan via secret_scan.py with severity/category aggregation, live filtering, JSON/CSV export - Paste & Scan tab: fully offline blob scan against the 48-pattern catalog - HackerOne Ref tab: disclosed-report lookups via h1_reference.py (the only tab that touches the network) Binds to 127.0.0.1 by default; non-loopback --host prints a warning. Reuses secret_scan.py directly (no pattern drift). Documents usage in docs/usage.md. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…oard Live design-review pass on the recon console: - Task-first IA: console (Run a Scan) promoted above the fold with a hero CTA; arsenal/kill-chain/stats demoted to a labeled "Capability Map" reference with false-clickable hover removed. - Interaction polish: designed hover/focus-visible states; reduced-motion honored across pulses, scanline, boot reveal, transitions. - Tactical motion: scanline sweep, live uptime ticker, staggered boot reveal. - Mobile: sub-560px breakpoint (1-col arsenal, stacked scan row, wrapped tabs, hidden status segments, fluid type, overflow-x safety). - Back-to-scan affordance: floating button reveals on scroll past the console. - Display font: bundled Archivo Black (OFL-1.1), served locally at /font/display.woff2 with Arial Black/system fallback. No runtime CDN. Backend unchanged; scan/paste/h1 endpoints reverified. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-BugHunter is now the canonical monorepo home for all skills; this repo re-exports the two recon skills (offensive-osint, osint-methodology). - add scripts/sync-from-bughunter.sh (sync + --check drift guard) - add .github/workflows/sync-check.yml (CI fails on drift; PR + weekly) - README: declare the mirror relationship; drop the dead sync-skill-content.sh step Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…(post-verification) Verification found the re-export migration left the dead sync-skill-content.sh and stale references after its docs/full-skills/ source was removed. - remove scripts/sync-skill-content.sh (silent no-op; sources gone) - docs/installation.md + SECURITY.md: drop the obsolete populate step and the outline-vs-full troubleshooting (skills ship full content directly) - .gitignore: guard the sibling Bug Hunter/ repo + stale self-nested skill dirs so git add -A can't sweep them in Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
First execution of the re-export — the two recon skills now mirror Claude-BugHunter exactly, so the sync-check CI guard goes green. - offensive-osint: 4,168-line monolith -> lean 398-line SKILL.md + 15 references/ files + dashboard.py / h1_reference.py / secret_scan.py; gains the 127-trigger frontmatter - osint-methodology: 455 -> 1,703 lines (BugHunter's expanded v2.3) - sync-from-bughunter.sh: --check now excludes __pycache__/*.pyc (no spurious local drift) - README: Structure + line counts updated (~6,000 lines); stale 4,168-line monolith layout removed Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Symmetric coexistence with Claude-BugHunter: this installer records a manifest so uninstalling either bundle keeps the two shared recon skills the other still owns. - scripts/install.sh: copy the 2 skills (skip-identical), write ~/.claude/.skill-manifests/claude-osint.txt; --uninstall keeps shared-owned skills - README: recommend the installer; note safe coexistence with Claude-BugHunter Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Establishes Claude-BugHunter as the
canonical home for the two recon skills and makes this repo a guarded re-export,
plus brings in earlier unpushed dashboard work.
Re-export model (integration Phases 2–3)
scripts/sync-from-bughunter.sh— mirror the 2 skills FROM Claude-BugHunter, with a--checkdrift guard (excludes__pycache__).github/workflows/sync-check.yml— CI fails if the skills drift from canonical (PR + weekly)offensive-osint→ leanSKILL.md+ 15references/files +dashboard.py/h1_reference.py/secret_scan.py;osint-methodology→ BugHunter's expanded v2.3; README Structure + line counts updated (~6,000 lines)scripts/install.sh(new) — install manifest + safe--uninstall, symmetric with BugHunter so uninstalling either bundle keeps the shared skillssync-skill-content.shand its stale references indocs/installation.md+SECURITY.mdAlso included
dashboard.py) + its UX restructure⚠ Merge ordering
sync-checkcompares this repo's skills against Claude-BugHuntermain. Merge the companionBugHunter PR FIRST. Until then this PR's
sync-checkis expected to be red (this branch mirrorsBugHunter's PR branch, not its
mainyet). After BugHunter merges, a one-line re-sync(
bash scripts/sync-from-bughunter.sh) makes it green.Test plan
sync-from-bughunter.sh --checkconverges (both skills in sync with canonical)secret_scan.pyCI smoke test🤖 Generated with Claude Code