Installation

clawhub install shaniidev/bug-reaper

Summary

Bug bounty hunting agent for web apps and APIs, covering recon, vulnerability auditing, exploit validation, and platform-specific report writing. Supports 18 vulnerability classes including XSS, SQLi, SSRF, IDOR, and RCE. Works against live targets (black-box) and locally downloaded source code (white-box).

SKILL.md

Quick overview

Bug bounty hunting agent for web apps and APIs, covering recon, vulnerability auditing, exploit validation, and platform-specific report writing. Supports 18 vulnerability classes including XSS, SQLi, SSRF, IDOR, and RCE. Works against live targets (black-box) and locally downloaded source code (white-box).

It enforces a validation gate before any finding is reported, filtering out false positives that typically get closed by triage without reward.

Common tasks

  • Auditing a web app enrolled in an active HackerOne program
  • Finding IDOR bugs by swapping resource IDs across two test accounts
  • Reviewing a downloaded GitHub repo for injection vulnerabilities
  • Writing a Bugcrowd-formatted report for a confirmed SSRF finding
  • Chaining a low-severity CORS misconfiguration into a higher-impact exploit

Install paths

Primary command


openclaw install shaniidev/bug-reaper

ClawHub installer


npx clawhub@latest install shaniidev/bug-reaper

OpenClaw CLI


openclaw skills install shaniidev/bug-reaper

Direct OpenClaw install


openclaw install shaniidev/bug-reaper

Skill metadata

  • Category: Web & Frontend Development
  • Language: Markdown
  • Version: 0.0.5
  • Security status: Suspicious

Review upstream source

The full public SKILL.md body is not directly fetchable for this entry right now, so this page is using the best available catalog metadata. Review the upstream source page for the latest files, version history, and security scan details: https://clawhub.ai/shaniidev/bug-reaper

Recommended skills

Browse all →