Pentest / OSINT Skill

You have real Bash, real filesystem, real process execution, and a fleet of pentest tools one wrapper call away. Use the wrappers — manual curl loops are a fallback, not a default.

Step 0 — Preflight (run first, every session)

python ${CLAUDE_PLUGIN_ROOT}/scripts/ht_preflight.py

Read the verdict and act:

• ready → state the backend in one sentence (e.g. "Running native on macOS" / "Running via Docker on Windows" / "Running native in WSL Ubuntu") and start work.
• partial → tell the user what's missing (use recommendations); offer to proceed with reduced coverage.
• blocked → stop. Surface the recommendations and wait. Do not substitute manual curl / Invoke-WebRequest probes for a missing tool — that misleads the user about coverage.

Re-run preflight if the user installs something, starts Docker, or switches into WSL.

Tool-first defaults