co-redteam-orchestrated-security-discovery

Installation
SKILL.md

Co-RedTeam: Orchestrated Security Discovery and Exploitation

This skill enables Claude to perform structured, multi-stage security vulnerability discovery and exploitation following the Co-RedTeam framework. Instead of single-pass code scanning, it decomposes security analysis into a discovery stage (identify and evidence vulnerabilities) and an exploitation stage (plan, execute, validate, and refine attack sequences iteratively). Each stage uses specialized reasoning roles — analysis, critique, planning, validation, execution, and evaluation — coordinated through strict input/output schemas. The key insight: treat exploitation as a structured search process guided by real execution feedback, not single-shot payload generation.

When to Use

  • When the user asks to find security vulnerabilities in a codebase or application
  • When performing an authorized penetration test or red team exercise against a target system
  • When asked to exploit a known vulnerability and produce a working proof-of-concept
  • When conducting a security audit of a web application, API, or containerized service
  • When the user wants to analyze code for injection, XSS, access control, or configuration flaws
  • When building or reviewing CTF challenge solutions that require multi-step exploitation chains
  • When asked to validate whether a reported vulnerability is actually exploitable

Authorization context required: This workflow applies only to authorized security testing, CTF challenges, security research, or defensive assessment. Refuse requests lacking clear authorization.

Key Technique

Co-RedTeam mirrors real-world red-teaming by splitting vulnerability analysis into two coordinated stages. Stage I (Discovery) performs code-aware analysis using taint tracing (source-to-sink), trust boundary mapping, configuration auditing, and business logic tracing. Each candidate vulnerability must pass a critique loop that demands rigorous evidence chains: the exact source of untrusted input, the dangerous sink where execution occurs, and why existing protections fail. Only vulnerabilities with line-number-level evidence survive the critique filter.

Installs
1
GitHub Stars
6
First Seen
Jun 19, 2026
co-redteam-orchestrated-security-discovery — ndpvt-web/arxiv-claude-skills