Files
strix/strix/skills
0xallam 8ed5311b8e Surface the previously-undocumented sandbox tools and unbreak two of them
The image ships 15 tools (jwt_tool, interactsh-client, arjun, dirsearch,
gospider, wafw00f, retire, eslint, jshint, js-beautify, JS-Snooper,
jsniper.sh, vulnx, ncat, uv) that the always-loaded skills never name
with usage guidance — agents could discover them via the environment
catalog but had no when/how. Add concise mentions in the natural home
for each: jwt_tool in the JWT skill, interactsh-client in the OAST
sections of SSRF/XXE/RCE, arjun in IDOR recon, dirsearch as the broad
alternate in the ffuf skill, gospider + the JS scrapers in katana,
wafw00f next to httpx, retire/eslint/jshint/js-beautify as a new
JavaScript-Side Coverage block in the SAST playbook, uv in python,
vulnx in the deep scan-mode CVE bullet, ncat in a new RCE Tooling
block.

Audit also turned up three real breakages along the way:

- jwt_tool's shebang resolves to /usr/bin/python3 but its dependencies
  live in /app/.venv, so every invocation died with
  ModuleNotFoundError: ratelimit. Replace the bare symlink with a
  wrapper that execs /app/.venv/bin/python against the real script.
- dirsearch's pipx venv ended up with setuptools 82, which dropped
  pkg_resources — startup failed before parsing args. Pin the inject
  to setuptools<81.
- ESLint's --no-eslintrc flag was removed in v9; the surviving
  --no-config-lookup covers it. Drop the dead flag from the SAST
  command block.

Also corrected the JS-Snooper / jsniper.sh entry in katana.md — both
take a bare domain and run their own JS discovery internally, not the
JS URLs Katana already harvested.
2026-05-25 22:02:15 -07:00
..

📚 Strix Skills

🎯 Overview

Skills are specialized knowledge packages that enhance Strix agents with deep expertise in specific vulnerability types, technologies, and testing methodologies. Each skill provides advanced techniques, practical examples, and validation methods that go beyond baseline security knowledge.


🏗️ Architecture

How Skills Work

When an agent is created, it can load up to 5 specialized skills relevant to the specific subtask and context at hand:

# Agent creation with specialized skills
create_agent(
    task="Test authentication mechanisms in API",
    name="Auth Specialist",
    skills="authentication_jwt,business_logic"
)

The skills are dynamically injected into the agent's system prompt, allowing it to operate with deep expertise tailored to the specific vulnerability types or technologies required for the task at hand.


📁 Skill Categories

Category Purpose
/vulnerabilities Advanced testing techniques for core vulnerability classes like authentication bypasses, business logic flaws, and race conditions
/frameworks Specific testing methods for popular frameworks e.g. Django, Express, FastAPI, and Next.js
/technologies Specialized techniques for third-party services such as Supabase, Firebase, Auth0, and payment gateways
/protocols Protocol-specific testing patterns for GraphQL, WebSocket, OAuth, and other communication standards
/tooling Command-line playbooks for core sandbox tools (nmap, nuclei, httpx, ffuf, subfinder, naabu, katana, sqlmap)
/cloud Cloud provider security testing for AWS, Azure, GCP, and Kubernetes environments
/reconnaissance Advanced information gathering and enumeration techniques for comprehensive attack surface mapping
/custom Community-contributed skills for specialized or industry-specific testing scenarios

Notable source-aware skills:

  • source_aware_whitebox (coordination): white-box orchestration playbook
  • source_aware_sast (custom): semgrep/AST/secrets/supply-chain static triage workflow

🎨 Creating New Skills

What Should a Skill Contain?

A good skill is a structured knowledge package that typically includes:

  • Advanced techniques - Non-obvious methods specific to the task and domain
  • Practical examples - Working payloads, commands, or test cases with variations
  • Validation methods - How to confirm findings and avoid false positives
  • Context-specific insights - Environment and version nuances, configuration-dependent behavior, and edge cases
  • YAML frontmatter - name and description fields for skill metadata

Skills focus on deep, specialized knowledge to significantly enhance agent capabilities. They are dynamically injected into agent context when needed.


🤝 Contributing

Community contributions are more than welcome — contribute new skills via pull requests or GitHub issues to help expand the collection and improve extensibility for Strix agents.


Note

Work in Progress - We're actively expanding the skills collection with specialized techniques and new categories.