name	using-perseus
description	Use when starting a security conversation to understand the Perseus methodology

Using Perseus

Overview

Perseus is a rigorous, automated security assessment framework for Claude Code. It transforms the AI into a structured penetration tester.

Core Principle: Methodological rigor over ad-hoc guessing. We do not "look around"; we execute specific phases.

The Workflow

The assessment MUST follow this linear sequence. Do not skip phases.

Phase 1: Reconnaissance (`/scan`)

Goal: Map the attack surface.

Action: Run Skill: perseus:scan (or /scan).
Output: deliverables/code_analysis_deliverable.md (Target Knowledge Graph).
Stop Condition: Do not proceed until you know what to attack.

Phase 2: Vulnerability Analysis (Audit)

Goal: Prove potential vulnerability.

Action: Run Skill: perseus:audit.
Logic: Launch 5 parallel specialists (Injection, XSS, Auth, Authz, SSRF).
Method: "Negative Analysis" (Source -> Flow -> Sink -> Defense -> Verdict).
Output: Specialized reports in deliverables/.

Phase 3: Exploitation (Exploit)

Goal: Verify impact (False Positive Filtering).

Action: Run Skill: perseus:exploit.
Safety: Use SAFE payloads only (whoami, alert(1), sleep).
Output: Verified proofs in deliverables/exploitation_report.md.

Phase 4: Reporting (`/report`)

Goal: Communicate risk.

Action: Run Skill: perseus:report (or /report).
Output: Final SECURITY_REPORT.md with executive summary and risk scoring.

Optional: Specialists (`/specialist`)

Goal: Run all deep-dive specialists in parallel.

Action: Run Skill: perseus-specialist (or /specialist).

Engagement Modes

Always select engagement mode before Phase 1. If user does not specify, default to PRODUCTION_SAFE.

Mode	Intended Environment	Verification Style
`PRODUCTION_SAFE`	Live production	Passive analysis + minimal non-disruptive verification
`STAGING_ACTIVE`	Staging/pre-prod	Targeted active verification with throttling
`LAB_FULL`	Isolated lab	Full dynamic verification for hard-to-reproduce findings
`LAB_RED_TEAM`	Dedicated security lab	Adversarial chain simulation with strict legal scope

Mode selection rule:

If environment is unclear, assume production and use PRODUCTION_SAFE.
If user requests aggressive testing, require explicit confirmation that target is staging/lab and authorized.
Record chosen mode in deliverables so report consumers understand test depth.

Critical Rules

No Hallucinations: Only report vulnerabilities you have verified via Audit or Exploit.
Safe Mode: Never execute destructive commands (e.g., rm, DROP TABLE).
Evidence-Based: Every finding must cite a specific File:Line or HTTP Request/Response.
Authorization Gate: Do not run active exploit validation on production without explicit approved test window.
Stability First: Keep verification low-rate and stop immediately if service degradation appears.
Lab Isolation for Red-Team Mode: LAB_RED_TEAM only on isolated test environment with non-production data.

How to Start

If the user asks for a security review, pentest, or audit, ALWAYS start with:

I will use the Perseus methodology to assess this codebase.
Starting Phase 1: Reconnaissance...
[Invoking /scan]

name	using-perseus
description	Use when starting a security conversation to understand the Perseus methodology

Using Perseus

Overview

Perseus is a rigorous, automated security assessment framework for Claude Code. It transforms the AI into a structured penetration tester.

Core Principle: Methodological rigor over ad-hoc guessing. We do not "look around"; we execute specific phases.

The Workflow

The assessment MUST follow this linear sequence. Do not skip phases.

Phase 1: Reconnaissance (`/scan`)

Goal: Map the attack surface.

Action: Run Skill: perseus:scan (or /scan).
Output: deliverables/code_analysis_deliverable.md (Target Knowledge Graph).
Stop Condition: Do not proceed until you know what to attack.

Phase 2: Vulnerability Analysis (Audit)

Goal: Prove potential vulnerability.

Action: Run Skill: perseus:audit.
Logic: Launch 5 parallel specialists (Injection, XSS, Auth, Authz, SSRF).
Method: "Negative Analysis" (Source -> Flow -> Sink -> Defense -> Verdict).
Output: Specialized reports in deliverables/.

Phase 3: Exploitation (Exploit)

Goal: Verify impact (False Positive Filtering).

Action: Run Skill: perseus:exploit.
Safety: Use SAFE payloads only (whoami, alert(1), sleep).
Output: Verified proofs in deliverables/exploitation_report.md.

Phase 4: Reporting (`/report`)

Goal: Communicate risk.

Action: Run Skill: perseus:report (or /report).
Output: Final SECURITY_REPORT.md with executive summary and risk scoring.

Optional: Specialists (`/specialist`)

Goal: Run all deep-dive specialists in parallel.

Action: Run Skill: perseus-specialist (or /specialist).

Engagement Modes

Always select engagement mode before Phase 1. If user does not specify, default to PRODUCTION_SAFE.

Mode	Intended Environment	Verification Style
`PRODUCTION_SAFE`	Live production	Passive analysis + minimal non-disruptive verification
`STAGING_ACTIVE`	Staging/pre-prod	Targeted active verification with throttling
`LAB_FULL`	Isolated lab	Full dynamic verification for hard-to-reproduce findings
`LAB_RED_TEAM`	Dedicated security lab	Adversarial chain simulation with strict legal scope

Mode selection rule:

If environment is unclear, assume production and use PRODUCTION_SAFE.
If user requests aggressive testing, require explicit confirmation that target is staging/lab and authorized.
Record chosen mode in deliverables so report consumers understand test depth.

Critical Rules

No Hallucinations: Only report vulnerabilities you have verified via Audit or Exploit.
Safe Mode: Never execute destructive commands (e.g., rm, DROP TABLE).
Evidence-Based: Every finding must cite a specific File:Line or HTTP Request/Response.
Authorization Gate: Do not run active exploit validation on production without explicit approved test window.
Stability First: Keep verification low-rate and stop immediately if service degradation appears.
Lab Isolation for Red-Team Mode: LAB_RED_TEAM only on isolated test environment with non-production data.

How to Start

If the user asks for a security review, pentest, or audit, ALWAYS start with:

I will use the Perseus methodology to assess this codebase.
Starting Phase 1: Reconnaissance...
[Invoking /scan]

using-perseus

Using Perseus

Overview

The Workflow

Phase 1: Reconnaissance (/scan)

Phase 2: Vulnerability Analysis (Audit)

Phase 3: Exploitation (Exploit)

Phase 4: Reporting (/report)

Optional: Specialists (/specialist)

Engagement Modes

Critical Rules

How to Start

同仓库更多 Skills

同仓库更多 Skills

Using Perseus

Overview

The Workflow

Phase 1: Reconnaissance (/scan)

Phase 2: Vulnerability Analysis (Audit)

Phase 3: Exploitation (Exploit)

Phase 4: Reporting (/report)

Optional: Specialists (/specialist)

Engagement Modes

Critical Rules

How to Start

Phase 1: Reconnaissance (`/scan`)

Phase 4: Reporting (`/report`)

Optional: Specialists (`/specialist`)

Phase 1: Reconnaissance (`/scan`)

Phase 4: Reporting (`/report`)

Optional: Specialists (`/specialist`)