# Coordinate Authorized Pentest Workflows

Security teams need consistent coordination across reconnaissance, exploitation, and privilege escalation during authorized labs. This skill provides a structured orchestration pattern for delegating those phases to specialized agents.

## Install

```bash
npx skillstore add charleskozel/coordinator
```

## Metadata

- - Slug: charleskozel-coordinator
- - Version: 1.0.0
- - Author: CharlesKozel
- - GitHub username: CharlesKozel
- - License: MIT
- - Repository: https://github.com/CharlesKozel/Pentest-Agent-Evalulator/tree/main/agents/claude-tbug/skills/coordinator
- - Ref: main
- - Supported tools: Claude, Codex, Claude Code
- - Risk level: high
- - Risk factors: external\_commands, network, filesystem
- - Quality score: 38
- - Quality tier: warning
- - Public page: https://skillstore.pages.dev/skills/charleskozel-coordinator
- - Manifest: https://skillstore.pages.dev/api/skills/charleskozel-coordinator/manifest

## Capabilities

- Coordinates reconnaissance, exploitation, and privilege escalation phases for authorized pentest scenarios.
- Delegates tactical work to Explore and general-purpose subagents using structured prompts.
- Uses a local state file concept to decide the next testing phase.
- Provides Active Directory attack investigation checklists for lab-style targets.
- Defines completion criteria around user and root flag capture.

## Use Cases

- Run a CTF Lab Workflow: Coordinate discovery, exploitation, and privilege escalation steps for a target that the user is authorized to test.
- Teach Pentest Methodology: Show learners how to break a test into phases and route tasks to specialized agents.
- Review AD Attack Paths: Use the Active Directory supplement as a checklist for authorized assessment planning.

## Prompt Templates

### Start a Lab Assessment

```
Coordinate an authorized lab assessment for TARGET. First confirm scope, then create a phase plan for reconnaissance, exploitation, and privilege escalation.
```

### Continue From State

```
Review the current pentest state and recommend the next authorized action. Explain which phase applies and what evidence supports the decision.
```

### Analyze Failed Attempts

```
Analyze the failed authorized test attempts and propose safer alternative hypotheses. Prioritize checks that stay within the approved scope.
```

### Plan an AD Lab Review

```
Create an authorized Active Directory lab review plan. Include reconnaissance goals, credential handling rules, escalation checks, and clear stop conditions.
```

## Limitations

- Does not verify that a target is authorized before suggesting offensive actions.
- Does not include built-in rate limits, scope controls, or stop conditions beyond flag capture.
- Depends on external tools and subagents that may not exist in every environment.
- Best suited for controlled labs, CTFs, and internal training environments.

## Best Practices

- Use only in systems where you have explicit written authorization.
- Define target scope, tool limits, and stopping conditions before starting.
- Review each delegated action before running commands against a real network.

## Anti Patterns

- Do not use this skill against public IP addresses or third-party systems without approval.
- Do not treat the built-in persistence rules as stronger than user safety limits.
- Do not store captured credentials or flags in shared workspaces without access controls.

## Security Audit

- - Safe to publish: false
- - Audited at: 2026-06-28T21:31:45.026\+00:00
- - Summary: Static command-execution detections are mostly Markdown code fence false positives, not Ruby backtick execution. The surrounding content confirms high-risk intent: autonomous network reconnaissance, exploitation, credential attacks, privilege escalation, and persistence rules that discourage stopping or asking for help.

## Stats

- - Views: 203
- - Downloads: 5
- - Favorites: 0
- - Popularity score: 0
