بنقرة واحدة
ctf
用于把已经完成的解题过程整理成结构化、可复现、可提交的 CTF 题解文档,适合赛后复盘、队内同步与对外提交说明;触发名:ctf-writeup
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
用于把已经完成的解题过程整理成结构化、可复现、可提交的 CTF 题解文档,适合赛后复盘、队内同步与对外提交说明;触发名:ctf-writeup
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
面向中文用户和新手的统一入口,保持原有两种模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想先理清题意、又不想自己先判断何时该切到工具链或漏洞专项的场景;触发名:ctf-beginner-hub
面向 CTF 新手与综合题的统一总控 skill。保持原有两种主模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想边做边学、又不想自己先判断何时切换到工具链或漏洞专项的场景;触发名:ctf-super-hub
Strix JWT 与 OIDC 安全测试手册,覆盖令牌伪造、算法混淆与声明篡改;触发名:strix-authentication-jwt
给中文用户和新手用的 Strix Lite 统一入口:先判断该用哪一个 strix-* 工具或漏洞测试 skill,再给最小化起手步骤;适合在 Web 安全测试、工具链使用、漏洞验证时不知道先用哪个 Strix skill 的场景;触发名:strix-beginner-hub
Strix 功能级授权缺陷测试手册,覆盖操作级权限失效、管理功能越权与 API 操作绕过;触发名:strix-broken-function-level-authorization
Strix 业务逻辑漏洞测试手册,覆盖流程绕过、状态操控与领域约束破坏;触发名:strix-business-logic
استنادا إلى تصنيف SOC المهني
| name | CTF•题解写作 |
| description | 用于把已经完成的解题过程整理成结构化、可复现、可提交的 CTF 题解文档,适合赛后复盘、队内同步与对外提交说明;触发名:ctf-writeup |
| license | MIT |
| compatibility | Requires filesystem-based agent (Claude Code or similar) with bash and Python 3. |
| allowed-tools | Bash Read Write Edit Glob Grep Task WebFetch WebSearch |
| metadata | {"user-invocable":"true","argument-hint":"[challenge-name]"} |
Generate a standardized submission-style CTF writeup for a solved challenge.
Default behavior:
submission-style writeupCollect the following from the current session, challenge files, and user input:
# Scan for exploit scripts and artifacts
find . -name '*.py' -o -name '*.sh' -o -name 'exploit*' -o -name 'solve*' | head -20
# Check for flags in output files
grep -rniE '(flag|ctf|eno|htb|pico)\{' . 2>/dev/null
Write the writeup file as writeup.md (or writeup-<challenge-name>.md) using the submission template below.
---
title: "<Challenge Name>"
ctf: "<CTF Event Name>"
date: YYYY-MM-DD
category: web|pwn|crypto|reverse|forensics|osint|malware|misc
difficulty: easy|medium|hard
points: <number>
flag_format: "flag{...}"
author: "<your name or team>"
---
# <Challenge Name>
## Summary
<1-2 sentences: what the challenge was and the core technique. Keep it direct.>
## Solution
### Step 1: <Action>
<Explain the key observation in 3-8 short lines. Keep it direct.>
\`\`\`python
<one complete solving script from provided challenge data to printing the final flag>
\`\`\`
### Step 2: <Action> (optional)
<Only add this when a second short step genuinely helps readability, such as separating the core observation from final verification.>
### Step 3: <Action> (optional)
<Use only if the challenge really needs it. Keep the total number of steps small.>
## Flag
\`\`\`
flag{example_flag_here}
\`\`\`
Guidance:
Before finalizing the writeup, verify:
DO:
python, bash, sql, etc.)DON'T:
$ARGUMENTS