farhoodlabs/skills
8
0
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

docs: elaborate Hightower skill and remove namespace hardcoding

Browse Source 
- Add architecture overview explaining what Hightower is: AI pentest platform
  forked from KeygraphHQ/shannon, with hightower-api (Hono), Shannon workers
  in K8s Jobs, Temporal orchestration, and workspace PVC for reports
- Remove hardcoded `hightower` namespace from intro prose and example URL
  (the API URL comes from HIGHTOWER_API_URL env var; namespace is irrelevant)
- Add hightower to README index and CLAUDE.md skill list

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Goose
2026-04-22 00:20:10 +00:00
parent d182f3817d
commit b489688201
3 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CLAUDE.md
+1
View File
@@ -17,6 +17,7 @@ Each skill follows this convention:
## Current Skills
- **`github-app-token`** — Generates a short-lived GitHub App installation access token, writes it to `.gh-token` under `$GH_CONFIG_DIR` (preferred) or `$AGENT_HOME` (fallback), and authenticates the `gh` CLI. Requires `GITHUB_APP_ID`, `GITHUB_APP_INSTALLATION_ID`, and one of `GITHUB_APP_PEM` (inline PEM) or `GITHUB_APP_PEM_FILE` (path). Depends on `openssl`, `curl`, `jq`, `gh`.
- **`hightower`** — Interacts with the Hightower AI pentest API: start scans, poll status, retrieve markdown reports. Requires `HIGHTOWER_API_URL` and `HIGHTOWER_API_TOKEN`. Documentation only — no scripts.
- **`kubernetes-reflector`** — Documents Kubernetes Reflector annotations for mirroring secrets and configmaps across namespaces. Documentation only — no scripts.
- **`minimax-image-generation`** — Generates images from MiniMax's `image-01` model via `/v1/image_generation`. Requires `MINIMAX_API_KEY`; `MINIMAX_API_BASE_URL` is optional. Depends on `curl`, `jq`, `base64`.
README.md
+1
View File
@@ -7,6 +7,7 @@ A collection of Claude Code skills — reusable tools that extend Claude Code's
| Skill | What it does |
|---|---|
| [`github-app-token`](./github-app-token) | Generate a short-lived GitHub App installation access token and authenticate the `gh` CLI with it. |
| [`hightower`](./hightower) | Start AI-powered penetration test scans, check scan status, and retrieve security findings reports via the Hightower API. |
| [`kubernetes-reflector`](./kubernetes-reflector) | Reference for Kubernetes Reflector annotations that mirror secrets and configmaps across namespaces. |
| [`minimax-image-generation`](./minimax-image-generation) | Generate images from MiniMax's `image-01` model via the `/v1/image_generation` endpoint. |
hightower/SKILL.md
+10 -4
View File
@@ -7,7 +7,15 @@ allowed-tools: Bash, Read
# Hightower: Penetration Testing API
Hightower is deployed in the `hightower` namespace on Kubernetes. It exposes a REST API for scan management and a Temporal cluster for workflow orchestration.
Hightower is an AI-powered penetration testing platform forked from [KeygraphHQ/shannon](https://github.com/KeygraphHQ/shannon). It runs multi-agent security assessments against a target URL and git repository, coordinating up to 13 specialized AI agents (recon, auth testing, injection, etc.) to produce a structured findings report.
**Architecture:**
- **`hightower-api`** — Hono REST API. Accepts scan requests, creates Kubernetes Jobs for each scan, queries Temporal for job progress, and serves reports from the workspace PVC.
- **Worker** — Shannon fork running inside K8s Jobs. Each scan gets its own Job; the worker executes the full AI agent pipeline against the target.
- **Temporal** — Workflow orchestration engine. Tracks scan state, retries, and completion.
- **Workspace PVC** — Persistent volume where completed scan reports are stored and served by the API.
Scans are triggered via REST API and run asynchronously. Typical scan duration is ~36 minutes for the full 13-agent pipeline.
## Configuration
@@ -15,7 +23,7 @@ All settings come from environment variables:
| Variable | Description |
|----------|-------------|
| `HIGHTOWER_API_URL` | Hightower REST API base URL (e.g., `http://hightower-api.hightower:3000`) |
| `HIGHTOWER_API_URL` | Hightower REST API base URL (e.g., `http://hightower-api:3000`) |
| `HIGHTOWER_API_TOKEN` | Bearer auth token for the Hightower API |
---
@@ -111,8 +119,6 @@ grep -A 10 "^### \[HIGH\]" report.md
2. **completed** — Job succeeded, report available at `{workspace}/report`
3. **failed** — Job failed (check pod logs)
Typical runtime: ~36 minutes for a full 13-agent pipeline.
---
## Notes