원클릭으로 Manus에서 모든 스킬 실행

시작하기

perseusaudit

스타67

포크14

업데이트2026년 2월 12일 05:25

Use when analyzing components for vulnerabilities (Phase 2 - Parallel Analysis)

설치

Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.

Manus에서 실행

출처

kaivyy

kaivyy/perseus

GitHub 저장소 열기 Creator 저장소 보기

다운로드

Manus에서 실행

Perseus Audit (Phase 2)

Overview

This skill executes the Vulnerability Analysis Phase of the Perseus framework. It performs deep-dive white-box analysis on the components identified during the Scan phase.

Goal: Prove the potential for exploitation by finding source-to-sink paths lacking proper defense.

Methodology:

Launch 5 Agents in Parallel: Injection, XSS, Auth, Authz, SSRF.
Negative Analysis Loop: Trace Source -> Sanitizers -> Sink -> Verdict.
Exploit Queue: Generate actionable vulnerabilities for verification.

Confidence Scoring (Required)

Assign confidence to every finding:

Confidence	Criteria
High	Direct source-to-sink path with clear missing defense and reproducible trigger
Medium	Strong path evidence, but one assumption (runtime config/auth state) remains
Low	Pattern match only; data flow or trigger path is incomplete

Prioritize exploit queue in this order:

High + Critical/High severity
Medium + Critical/High severity
Remaining findings

Execution Instructions

Launch these 5 agents simultaneously using a single message with multiple Task tool calls:

Injection Analyst:
- "Trace untrusted input to SQL/Command sinks. Verify if sanitization matches sink context. Flag string concatenation in queries."
XSS Specialist:
- "Trace input to browser sinks (innerHTML, eval). Verify context-aware escaping. Flag raw HTML rendering."
Auth Specialist:
- "Analyze login/session logic. Check for bypasses, weak tokens, and missing MFA. Verify state/nonce in OAuth."
Authz Specialist:
- "Analyze permission checks (RBAC/ABAC). Check for IDOR and Privilege Escalation. Verify every protected route has a guard."
SSRF Specialist:
- "Trace input to outbound request sinks. Verify URL validation and allowlists. Check for local network access."

Analysis Methodology (The "Negative Analysis" Loop)

For each agent, enforce this loop:

Trace Source: Identify where untrusted data enters (from Scan phase).
Trace Flow: Follow variables through functions, middleware, and transforms.
Identify Sink: Where does the data end up? (DB, Screen, Log, Shell).
Verify Defense:
- Is there validation? (e.g., zod.parse)
- Is there sanitization? (e.g., escapeHtml)
- Is it parameterized? (e.g., Prepared Statements)
Verdict:
- VULNERABLE: Path exists + Defense missing/mismatched. -> Add to Exploit Queue
- SAFE: Defense is robust. -> Document as Secure

Output Requirements

Each agent must produce a specialized report in deliverables/:

injection_analysis.md
xss_analysis.md
auth_analysis.md
authz_analysis.md
ssrf_analysis.md

For each finding include:

Finding ID
Source -> Sink Path
Missing or Mismatched Defense
Preconditions
Confidence: High | Medium | Low
Exploit Candidate: Yes | No (and reason)

Next Step: Proceed to perseus:exploit to verify findings with Proof-of-Concept.

이 저장소의 다른 Skills

같은 저장소

perseusstart

kaivyy/perseus

Use when you want to run a full, automated penetration test from start to finish (Scan -> Audit -> Exploit -> Report)

2026-02-2367

using-perseus

kaivyy/perseus

Use when starting a security conversation to understand the Perseus methodology

2026-02-2367

perseusexploit

kaivyy/perseus

Use when verifying vulnerabilities with Dynamic Exploit Generation (Phase 3)

2026-02-1267

perseusreport

kaivyy/perseus

Use when generating the final executive security report (Phase 4)

2026-02-1267

perseus-specialist

kaivyy/perseus

Run all specialist deep-dive skills in parallel for comprehensive analysis

2026-02-1267

perseus-api

kaivyy/perseus

Deep-dive API security analysis (REST, GraphQL, WebSocket, gRPC, OAuth, Cache)

2026-02-1267

name	perseus:audit
description	Use when analyzing components for vulnerabilities (Phase 2 - Parallel Analysis)

Perseus Audit (Phase 2)

Overview

This skill executes the Vulnerability Analysis Phase of the Perseus framework. It performs deep-dive white-box analysis on the components identified during the Scan phase.

Goal: Prove the potential for exploitation by finding source-to-sink paths lacking proper defense.

Methodology:

Launch 5 Agents in Parallel: Injection, XSS, Auth, Authz, SSRF.
Negative Analysis Loop: Trace Source -> Sanitizers -> Sink -> Verdict.
Exploit Queue: Generate actionable vulnerabilities for verification.

Confidence Scoring (Required)

Assign confidence to every finding:

Confidence	Criteria
High	Direct source-to-sink path with clear missing defense and reproducible trigger
Medium	Strong path evidence, but one assumption (runtime config/auth state) remains
Low	Pattern match only; data flow or trigger path is incomplete

Prioritize exploit queue in this order:

High + Critical/High severity
Medium + Critical/High severity
Remaining findings

Execution Instructions

Launch these 5 agents simultaneously using a single message with multiple Task tool calls:

Injection Analyst:
- "Trace untrusted input to SQL/Command sinks. Verify if sanitization matches sink context. Flag string concatenation in queries."
XSS Specialist:
- "Trace input to browser sinks (innerHTML, eval). Verify context-aware escaping. Flag raw HTML rendering."
Auth Specialist:
- "Analyze login/session logic. Check for bypasses, weak tokens, and missing MFA. Verify state/nonce in OAuth."
Authz Specialist:
- "Analyze permission checks (RBAC/ABAC). Check for IDOR and Privilege Escalation. Verify every protected route has a guard."
SSRF Specialist:
- "Trace input to outbound request sinks. Verify URL validation and allowlists. Check for local network access."

Analysis Methodology (The "Negative Analysis" Loop)

For each agent, enforce this loop:

Trace Source: Identify where untrusted data enters (from Scan phase).
Trace Flow: Follow variables through functions, middleware, and transforms.
Identify Sink: Where does the data end up? (DB, Screen, Log, Shell).
Verify Defense:
- Is there validation? (e.g., zod.parse)
- Is there sanitization? (e.g., escapeHtml)
- Is it parameterized? (e.g., Prepared Statements)
Verdict:
- VULNERABLE: Path exists + Defense missing/mismatched. -> Add to Exploit Queue
- SAFE: Defense is robust. -> Document as Secure

Output Requirements

Each agent must produce a specialized report in deliverables/:

injection_analysis.md
xss_analysis.md
auth_analysis.md
authz_analysis.md
ssrf_analysis.md

For each finding include:

Finding ID
Source -> Sink Path
Missing or Mismatched Defense
Preconditions
Confidence: High | Medium | Low
Exploit Candidate: Yes | No (and reason)

Next Step: Proceed to perseus:exploit to verify findings with Proof-of-Concept.