ClawHub

Bug Bounty Report Template

v1.0.0

Generate professional bug bounty reports for HackerOne, Bugcrowd, and other platforms. Pre-filled templates with CWE mapping, reproduction steps, and severit...

0· 53·0 current·0 all-time
by@hostilespider
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided artifacts. The SKILL.md asks for python3 and the repository contains a Python script that generates report text with CWE/CVSS mappings and platform-specific checklists — all expected for a report template.
Instruction Scope
Runtime instructions only run the included Python script with command-line options; the script builds text and prints or writes it to a file. The instructions do not request reading unrelated system files, environment secrets, or contacting external endpoints.
Install Mechanism
No install spec is provided (instruction-only). The only required binary is python3, which is reasonable and proportional for running the included script.
Credentials
No environment variables, credentials, or config paths are requested. The script does not access environment secrets or external services; this is appropriate for the stated functionality.
Persistence & Privilege
The skill is not marked always:true and does not attempt to persist, modify other skills, or change system-wide settings. It only runs a one-off script when invoked.
Assessment
This skill appears safe and does what it says: generate report text locally. Before using, run the script locally and inspect the output. Avoid pasting real API keys or live tokens into the generated Proof-of-Concept sections, and do not use the template to perform or describe destructive testing on live targets. If you want added safety, open the included scripts/generate-report.py in a text editor to review, then run the script in an isolated environment. (No network calls or credential usage were found in the code.)

Like a lobster shell, security has layers — review code before you run it.

latestvk971stk1k3rp5ekbhh1dd7f4td83vs1g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🐛 Clawdis
Binspython3

Comments