kage
Installation
SKILL.md
Kage — pentest sandbox
When to use this skill
kage <target>— black-box engagementpentest <target>/security audit on <target>— same as abovekage audit <local path>— white-box source audit onlykage greybox <target> <source-path>— black-box + source context
<target> can be a domain, URL, wildcard (*.example.com), or a local
source path. In greybox mode, Turn 0 runs the bundled
audit-context-building
methodology on the source first, then feeds trust-boundary and auth-flow
context into Turns 2–3.