PlaygroundCatalog › Penetration Test Report
PT

Penetration Test Report

🔵 Stable🕐 updated 2026-07-01 🔷 SkillSpec L3 pm-security

Write a clear penetration-test report from findings of an authorized engagement. Use when documenting a pentest, security assessment, or authorized red-team engagement — turning findings into a report clients act on. Produces an executive summary, scope & methodology, findings with severity/evidence/reproduction/remediation, and a risk-ranked remediation plan. For authorized testing only.

▶ Run it free — no key needed 📝 Grade your existing draft View SKILL.md ↗

What to give it

Engagement scope — what was in scope (targets, environments), the authorization/rules of engagement, and the testing window.
Methodology — approach (black/grey/white-box), standards followed (e.g. OWASP, PTES), tools.
Findings — each issue found: what it is, affected asset, how it was exploited, evidence, and impact.
Audience — client's technical team, leadership, or both.

✅ The bar it holds itself to

Every skill in this library self-verifies — these are this skill's own quality checks, straight from its definition.

The executive summary conveys overall risk and top actions without jargon
Scope, authorization, and methodology are stated (results are bounded and clearly authorized)
Each finding has severity, affected asset, reproduction, evidence, impact, and remediation
Findings are ordered by severity and rolled into a risk-ranked remediation plan
Sensitive data in evidence is redacted; positive findings and a retest path are included

⚠️ What it refuses to do

Do not omit the authorization/scope — an unbounded, unauthorized-looking report is unusable and unsafe
Do not give a severity without impact and remediation — clients fix what they understand and can prioritize
Do not write findings only engineers can read (or only execs) — serve both audiences in their sections
Do not leave evidence unredacted — protect the very data you're helping secure
Do not produce this for testing that wasn't authorized in writing

Install

npx pm-claude-skills add --agent claude   # or codex · cursor · gemini · hermes
# or one-line MCP (every skill, any client):
claude mcp add pm-skills -- npx -y pm-claude-skills-mcp

Related skills

🔌 Embed this skill

Drop this on your blog, docs, or site — it renders a "Run this skill" card:

<div data-pm-skill="pentest-report"></div>
<script src="https://mohitagw15856.github.io/pm-claude-skills/embed.js" async></script>

💬 Discussion

Penetration Test Report is one of 599 open-source professional AI agent skills — all SkillSpec L3. Try them all in the browser · ⭐ Star on GitHub · Browse the full catalog