What are Agent Skills?

Agent Skills are reusable, production-ready capability packs for AI agents. Each skill lives in its own folder and is described by a SKILL.md file with metadata and instructions.

What does this agent-skills.md site do?

Agent Skills is a curated directory that indexes skill repositories and lets you browse, preview, and download skills in a consistent format.

Where are skills stored in a repo?

By default, the site scans the skills/ folder. You can also submit a URL that points directly to a specific skills folder.

What is required inside SKILL.md?

SKILL.md must include YAML frontmatter with at least name and description. The body contains the actual guidance and steps for the agent.

How can I submit a repo?

Click Submit in the header and paste a GitHub URL that points to a skills folder. We’ll parse it and add any valid skills to the directory.

Find awesome Agent Skills

SQL Injection Testing

This skill should be used when the user asks to "test for SQL injection vulnerabilities", "perform SQLi attacks", "bypass authentication using SQL injection", "extract database information through injection", "detect SQL injection flaws", or "exploit database query vulnerabilities". It provides comprehensive techniques for identifying, exploiting, and understanding SQL injection attack vectors across different database systems.

sql-injectionpenetration-testingvulnerability-assessmentdatabase-security

zebbern

Ethical Hacking Methodology

This skill should be used when the user asks to "learn ethical hacking", "understand penetration testing lifecycle", "perform reconnaissance", "conduct security scanning", "exploit vulnerabilities", or "write penetration test reports". It provides comprehensive ethical hacking methodology and techniques.

ethical-hackingpenetration-testingreconnaissancevulnerability-assessment

zebbern

Pentest Commands

This skill should be used when the user asks to "run pentest commands", "scan with nmap", "use metasploit exploits", "crack passwords with hydra or john", "scan web vulnerabilities with nikto", "enumerate networks", or needs essential penetration testing command references.

pentestingnetwork-scanningexploit-developmentpassword-cracking

zebbern

Broken Authentication Testing

This skill should be used when the user asks to "test for broken authentication vulnerabilities", "assess session management security", "perform credential stuffing tests", "evaluate password policies", "test for session fixation", or "identify authentication bypass flaws". It provides comprehensive techniques for identifying authentication and session management weaknesses in web applications.

authentication-testingsession-managementcredential-stuffingsecurity-testing

zebbern

Metasploit Framework

This skill should be used when the user asks to "use Metasploit for penetration testing", "exploit vulnerabilities with msfconsole", "create payloads with msfvenom", "perform post-exploitation", "use auxiliary modules for scanning", or "develop custom exploits". It provides comprehensive guidance for leveraging the Metasploit Framework in security assessments.

penetration-testingexploit-developmentmetasploit-frameworkpost-exploitation

zebbern

Burp Suite Web Application Testing

This skill should be used when the user asks to "intercept HTTP traffic", "modify web requests", "use Burp Suite for testing", "perform web vulnerability scanning", "test with Burp Repeater", "analyze HTTP history", or "configure proxy for web testing". It provides comprehensive guidance for using Burp Suite's core features for web application security testing.

burp-suiteweb-application-securitypenetration-testinghttp-interception

zebbern

Page 418 of 418 · 20856 results