ajmallesh
f2870e3340
Reduce prompts/pipeline-testing/report-executive.txt from 137 to 30 lines by: - Removing hardcoded detailed vulnerability content - Testing actual workflow (read → modify → save) instead of creating from scratch - Removing meta-commentary, keeping only direct instructions - Making it consistent with other pipeline testing prompts (30 lines like exploit agents) The prompt now properly mimics the real reporting agent behavior where the orchestration code stitches files first, then the agent modifies the result. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
31 lines
1016 B
Plaintext
31 lines
1016 B
Plaintext
Create a file at `deliverables/comprehensive_security_assessment_report.md` with this content:
|
|
|
|
```markdown
|
|
# Injection Exploitation Evidence
|
|
|
|
## Successfully Exploited Vulnerabilities
|
|
|
|
### INJ-VULN-01: SQL Injection Test
|
|
|
|
**Summary:** Test SQL injection vulnerability for pipeline testing.
|
|
|
|
# Authentication Exploitation Evidence
|
|
|
|
## Successfully Exploited Vulnerabilities
|
|
|
|
### AUTH-VULN-01: Authentication Bypass Test
|
|
|
|
**Summary:** Test authentication vulnerability for pipeline testing.
|
|
```
|
|
|
|
Then read and modify the file by adding these sections at the top:
|
|
|
|
1. **Executive Summary** section with:
|
|
- Target: {{WEB_URL}}
|
|
- Assessment Date: (current date)
|
|
- Scope: Authentication, XSS, SQL and Command Injection, SSRF, Authorization testing
|
|
- Brief summary of findings (2-3 vulnerabilities found for testing)
|
|
|
|
2. **Network Reconnaissance** section with test data for open ports and services
|
|
|
|
Save the modified content back to `deliverables/comprehensive_security_assessment_report.md`, then say "Done". |