Ctf Writeup
Produce a fast, organizer-ready CTF solve writeup with reproducible steps and artifacts after a challenge is solved.
Overview
CTF Write-up is an agent skill for the Ship phase that generates a standardized, submission-style competition writeup after a challenge is solved.
Install
npx skills add https://github.com/ljagiello/ctf-skills --skill ctf-writeupWhat is this skill?
- Submission-style writeup optimized for competition speed and organizer validation
- Step 1 gather workflow: metadata, artifacts, timeline, dead ends, and pivots
- Bash recipes to scan exploit scripts and flag patterns in the workspace
- Default preference for one complete solve script from challenge data to flag
- Structured format for tools used and lessons learned
- 3-part gather workflow: metadata, artifacts, timeline
Adoption & trust: 3.4k installs on skills.sh; 2.3k GitHub stars; 2/3 security scanners passed (skills.sh audits).
What problem does it solve?
You captured the flag but have scattered scripts and terminal scrollback, so organizers or teammates cannot reproduce or score your solve quickly.
Who is it for?
Active CTF players and indie security learners who need organizer-grade documentation minutes after a solve.
Skip if: Builders who want automated exploitation, vulnerability scanning, or long-form blog tutorials unrelated to submission rules.
When should I use this skill?
After solving a CTF challenge to document solution steps, tools used, and lessons learned in a structured submission format.
What do I get? / Deliverables
You get one complete submission-style document with metadata, tooling, timeline, and a reproducible solve path suitable for competition handoff.
- Submission-style CTF writeup
- Referenced solve script path
- Tools and timeline section
Recommended Skills
Journey fit
How it compares
A post-solve documentation generator—not an offensive toolchain or pentest report template for clients.
Common Questions / FAQ
Who is ctf-writeup for?
CTF competitors and solo builders documenting security challenge solves for organizers, teammates, or personal portfolios.
When should I use ctf-writeup?
Immediately after you have a confirmed flag and artifacts, especially during competitions when validation speed matters.
Is ctf-writeup safe to install?
The skill uses bash, read, and write on your repo—check the Security Audits panel on this Prism page and only run it in environments you control.
SKILL.md
READMESKILL.md - Ctf Writeup
# CTF Write-up Generator Generate a standardized submission-style CTF writeup for a solved challenge. Default behavior: - During an active competition, optimize for speed, clarity, and reproducibility - Keep writeups short enough that a teammate or organizer can validate the solve quickly - Always produce a `submission`-style writeup - Prefer one complete solve script from challenge data to final flag ## Workflow ### Step 1: Gather Information Collect the following from the current session, challenge files, and user input: 1. **Challenge metadata** — name, CTF event, category, difficulty, points, flag format 2. **Solution artifacts** — exploit scripts, payloads, screenshots, command output 3. **Timeline** — key steps taken, dead ends, pivots ```bash # Scan for exploit scripts and artifacts find . -name '*.py' -o -name '*.sh' -o -name 'exploit*' -o -name 'solve*' | head -20 # Check for flags in output files grep -rniE '(flag|ctf|eno|htb|pico)\{' . 2>/dev/null ``` ### Step 2: Generate Write-up Write the writeup file as `writeup.md` (or `writeup-<challenge-name>.md`) using the submission template below. --- ## Templates ### Submission Format ```markdown --- title: "<Challenge Name>" ctf: "<CTF Event Name>" date: YYYY-MM-DD category: web|pwn|crypto|reverse|forensics|osint|malware|misc difficulty: easy|medium|hard points: <number> flag_format: "flag{...}" author: "<your name or team>" --- # <Challenge Name> ## Summary <1-2 sentences: what the challenge was and the core technique. Keep it direct.> ## Solution ### Step 1: <Action> <Explain the key observation in 3-8 short lines. Keep it direct.> \`\`\`python <one complete solving script from provided challenge data to printing the final flag> \`\`\` ### Step 2: <Action> (optional) <Only add this when a second short step genuinely helps readability, such as separating the core observation from final verification.> ### Step 3: <Action> (optional) <Use only if the challenge really needs it. Keep the total number of steps small.> ## Flag \`\`\` flag{example_flag_here} \`\`\` ``` Guidance: - Prefer 1-3 short steps total - Keep code to the smallest complete solving script - Do not split "recover secret", "derive key", and "decrypt flag" into separate partial snippets - The script should start from the challenge data and end by printing the flag - Avoid long background sections - Avoid dead ends unless they explain a key pivot - Avoid multiple alternative solves; pick one clean path - Redact the flag only if the user explicitly asks for redaction --- ## Best Practices Checklist Before finalizing the writeup, verify: - [ ] **Metadata complete** — title, CTF, date, category, difficulty, points, author all filled - [ ] **Flag handling matches request** — keep the real flag unless the user asked for redaction - [ ] **Reproducible steps** — a reader can follow your writeup and reproduce the solution - [ ] **Code is runnable** — exploit scripts include all imports, correct variable names, and comments - [ ] **No sensitive data** — no real credentials, API keys, or private infrastructure details - [ ] **Length stays concise** — the writeup is short enough for fast review - [ ] **Tools and versions noted** — mention specific tool versions if behavior depends on them - [ ] **Proper attribution** — credit teammates, referenced writeups, or tools that were essential - [ ] **Grammar and formatting** — consistent heading levels, code blocks have language tags #