# Assess Netcat Network Testing Risk

Security teams need clear review of netcat workflows before using them in controlled environments. This skill explains network testing patterns, but its offensive shell and exfiltration guidance makes it unsafe for open marketplace publishing.

## Install

```bash
npx skillstore add agentsecops/network-netcat
```

## Metadata

- - Slug: agentsecops-network-netcat
- - Version: 0.1.0
- - Author: AgentSecOps
- - GitHub username: AgentSecOps
- - License: MIT
- - Repository: https://github.com/AgentSecOps/SecOpsAgentKit/tree/main/skills/offsec/network-netcat
- - Ref: main
- - Supported tools: Claude, Codex, Claude Code
- - Risk level: critical
- - Risk factors: external\_commands, network, filesystem
- - Quality score: 38
- - Quality tier: warning
- - Public page: https://skillstore.pages.dev/skills/agentsecops-network-netcat
- - Manifest: https://skillstore.pages.dev/api/skills/agentsecops-network-netcat/manifest

## Capabilities

- Explains TCP and UDP connectivity checks with netcat and ncat.
- Documents banner grabbing and simple port availability testing.
- Covers file transfer workflows and verification concepts.
- Describes reverse shell, bind shell, and PTY upgrade workflows.
- Includes relay, pivoting, persistence, and post-exploitation examples.
- Lists defensive monitoring considerations for netcat activity.

## Use Cases

- Authorized Connectivity Review: Review permitted netcat connectivity checks for known in-scope hosts and document expected results.
- Security Content Audit: Evaluate whether netcat guidance crosses from defensive testing into unsafe offensive instruction.
- Detection Planning: Identify netcat behaviors that should trigger process, network, and command-line monitoring.

## Prompt Templates

### Beginner Scope Check

```
Review this planned netcat connectivity test for authorization, scope, and logging requirements. Do not provide shell access or bypass instructions.
```

### Connectivity Result Summary

```
Help me summarize netcat connectivity and banner results for these approved hosts. Focus on findings, uncertainty, and next defensive steps.
```

### Detection Controls

```
Create a defensive monitoring checklist for netcat and ncat use across endpoints and network logs. Exclude offensive execution steps.
```

### Marketplace Risk Assessment

```
Assess this netcat skill for marketplace publication risk. Separate benign testing guidance from shell access, persistence, pivoting, and exfiltration content.
```

## Limitations

- The source contains actionable offensive content that can enable unauthorized access.
- It does not enforce authorization, scope validation, or technical safety controls.
- Netcat scanning is slower and less complete than dedicated network scanners.
- Several examples require tools or privileges that may not exist on target systems.

## Best Practices

- Use this material only for assets covered by written authorization and a defined test scope.
- Prefer defensive summaries, detection guidance, and connectivity validation over shell access workflows.
- Log each approved test with source, destination, time, owner, and cleanup confirmation.

## Anti Patterns

- Do not use netcat to establish shell access on systems without explicit written approval.
- Do not transfer sensitive files or database exports through ad hoc listeners.
- Do not create services, cron jobs, or scheduled tasks that maintain unauthorized access.

## Security Audit

- - Safe to publish: false
- - Audited at: 2026-06-28T05:44:52.984\+00:00
- - Summary: Static analysis reported extensive command execution, network, and filesystem patterns. Manual review confirms critical risk in SKILL.md because it provides actionable reverse shell, bind shell, persistence, payload delivery, pivoting, and data exfiltration workflows; several findings in template reference files are benign educational examples. No evidence found of prompt injection text in the reviewed files.

## Stats

- - Views: 399
- - Downloads: 5
- - Favorites: 0
- - Popularity score: 0