Can it generate proof-of-concept code?

Yes, the skill is designed to generate exploitation code or URLs required to demonstrate the vulnerability as part of the report description.

What inputs does this skill require?

The skill requires raw HTTP requests and responses relevant to the bug, along with a brief description of the attack flow provided by the researcher.

Is this skill only compatible with HackerOne?

While it follows the HackerOne report structure, the generated content is suitable for any bug bounty platform, VDP, or internal security disclosure process.

Does it include supporting materials or references?

The skill specifically focuses on the core report components like summary, description, and impact, while leaving the references section for the user to finalize.

How does this improve the triage process?

By providing a standardized, concise, and easy-to-follow report, it minimizes the work for triagers to reproduce the bug, often leading to faster validation.

HackerOne Report Generator

Name: HackerOne Report Generator
Author: bdmorin

bybdmorin

•

Seguridad y Pruebas

Generates professional, concise, and easy-to-reproduce bug bounty reports from raw HTTP logs and attack descriptions.

This skill acts as an elite bug bounty hunter to transform raw technical data, including HTTP requests, responses, and manual attack flow descriptions, into high-quality security vulnerability reports. It is specifically designed to bridge the gap between technical discovery and professional communication, helping researchers present their findings in a format that triagers love. By focusing on impactful titles, streamlined reproduction steps, and clear severity statements, it helps security professionals increase their signal-to-noise ratio and ensure their vulnerabilities are understood and prioritized correctly.

Características Principales

01Standardizes security documentation for HackerOne and VDP platforms

02Converts raw HTTP logs into structured vulnerability reports

031 GitHub stars

04Creates step-by-step reproduction instructions for triagers

05Generates concise, high-impact titles and executive summaries

06Formulates compelling impact statements to justify severity

Casos de Uso

01Automating the documentation phase of a bug bounty engagement

02Standardizing vulnerability disclosures for internal security teams

03Translating complex technical exploits into clear, readable reports

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bdmorin/the-no-shop write-hackerone-report

For use in Claude.ai and ChatGPT

Características Principales

01Standardizes security documentation for HackerOne and VDP platforms

02Converts raw HTTP logs into structured vulnerability reports

031 GitHub stars

04Creates step-by-step reproduction instructions for triagers

05Generates concise, high-impact titles and executive summaries

06Formulates compelling impact statements to justify severity

Casos de Uso

01Automating the documentation phase of a bug bounty engagement

02Standardizing vulnerability disclosures for internal security teams

03Translating complex technical exploits into clear, readable reports

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add bdmorin/the-no-shop write-hackerone-report

For use in Claude.ai and ChatGPT