Solve Challenge
Install this skill when you have a CTF bundle, remote service, or mystery file and need the agent to triage category and route to the right specialized ctf-* skill instead of guessing techniques.
Overview
solve-challenge is an agent skill most often used in Validate (also Build agent-tooling, Ship security) that triages CTF challenges and routes work to the correct specialized ctf-* skill.
Install
npx skills add https://github.com/ljagiello/ctf-skills --skill solve-challengeWhat is this skill?
- Dispatcher that performs first-pass triage and picks the dominant CTF category
- Routes execution to specialized ctf-* skills instead of deep-diving every technique inline
- Central install_ctf_tools.sh entrypoint with modes: all, python, apt, brew, gems, go
- Explicit skip when category is already known and a specialized skill can be invoked directly
- Orchestrates bash, Python 3, WebFetch, WebSearch, and other agent tools for recon
- Central installer supports modes: all, python, apt, brew, gems, go
Adoption & trust: 4.3k installs on skills.sh; 2.3k GitHub stars; 1/3 security scanners passed (skills.sh audits).
What problem does it solve?
You have a CTF artifact or remote target but no clear category, so the agent wastes turns on the wrong techniques or skips proper tooling setup.
Who is it for?
Competition weekends, security labs, or indie builders practicing appsec who want a single entry skill for unknown challenge types.
Skip if: Scenarios where the challenge category is already identified and a dedicated ctf-web or ctf-crypto skill should run immediately without a dispatcher.
When should I use this skill?
User gives a challenge bundle, remote service, suspicious file, or vague description and category is not yet clear; do not use when a specialized ctf-* skill is already the right entry.
What do I get? / Deliverables
The agent completes recon, names the dominant category, and invokes the appropriate specialized ctf-* skill with environment prep from install_ctf_tools.sh.
- Category classification and routing plan
- Tooling environment prepared via install_ctf_tools.sh
Recommended Skills
Journey fit
Spans multiple journey phases - primary shelf plus alternate fits below.
Validate prototype is the first journey shelf for unknown challenge material before you commit to a full build or security hardening path. Prototype fits one-off challenge solving and recon entrypoints rather than steady-state product frontend or growth work.
Where it fits
Unpack a competition ZIP with unknown file types and classify before invoking ctf-forensics or ctf-web.
Run install_ctf_tools.sh all once before a CTF weekend so downstream category skills find binaries and Python libs ready.
Practice exploitation on a staged remote service after triage confirms it is a web challenge rather than crypto.
How it compares
Meta orchestration skill for CTF stacks, not a standalone exploit cookbook or MCP-only browser tool.
Common Questions / FAQ
Who is solve-challenge for?
Solo players and small teams using filesystem-based agents with bash and Python who need systematic triage before deep category skills run.
When should I use solve-challenge?
At Validate when probing a new bundle; during Build agent-tooling setup before a CTF event; at Ship security when practicing exploitation paths on lab targets—not when the category is already obvious.
Is solve-challenge safe to install?
It orchestrates shell installs, file reads, and network fetches typical of CTF workflows—only use on trusted lab machines and review the Security Audits panel on this Prism page.
SKILL.md
READMESKILL.md - Solve Challenge
# CTF Challenge Solver You're a skilled CTF player. Your goal is to solve the challenge and find the flag. ## Environment Setup Two setup strategies depending on your workflow: ### Pre-install (recommended before competitions) Use the central installer entrypoint: ```bash bash scripts/install_ctf_tools.sh all ``` Run a narrower mode when you only want one tool group: ```bash bash scripts/install_ctf_tools.sh python bash scripts/install_ctf_tools.sh apt bash scripts/install_ctf_tools.sh brew bash scripts/install_ctf_tools.sh gems bash scripts/install_ctf_tools.sh go bash scripts/install_ctf_tools.sh manual ``` The full package lists now live in [scripts/install_ctf_tools.sh](../scripts/install_ctf_tools.sh). ### On-demand (during challenges) Each category skill's `SKILL.md` has a **Prerequisites** section listing only the tools needed for that category. Install as you go. ## Workflow ### Step 0: CTFd Platform Detection If the CTF platform URL is known, check if it runs CTFd and switch to API-driven navigation: ```bash # Detect CTFd (look for /api/v1/ and /themes/core/) curl -s "$CTF_URL/api/v1/" | head -5 curl -s "$CTF_URL" | grep -oE '/themes/core/' ``` If CTFd is detected, **ask the user for their API token** (generated from CTFd Settings > Access Tokens). The token is not provided by default — the user must create one in the CTFd web UI first. Once provided, set the environment variables and proceed via API: ```bash export CTF_URL="https://ctf.example.com" export CTF_TOKEN="ctfd_..." # Ask user for this ``` Invoke `/ctf-misc` and load its `ctfd-navigation.md` for the full API reference and Python client class. ### Step 1: Recon 1. **Explore files** -- List the challenge directory, run `file *` on everything 2. **Triage binaries** -- `strings`, `xxd | head`, `binwalk`, `checksec` on binaries 3. **Fetch links** -- If the challenge mentions URLs, fetch them FIRST for context 4. **Connect** -- Try remote services (`nc`) to understand what they expect 5. **Read hints** -- Challenge descriptions, filenames, and comments often contain clues ### Step 2: Categorize Determine the primary category, then invoke the matching skill. **By file type:** - `.pcap`, `.pcapng`, `.evtx`, `.raw`, `.dd`, `.E01` -> forensics - `.elf`, `.exe`, `.so`, `.dll`, binary with no extension -> reverse or pwn (check if remote service provided -- if yes, likely pwn) - `.py`, `.sage`, `.txt` with numbers -> crypto - `.apk`, `.wasm`, `.pyc` -> reverse - Web URL or source code with HTML/JS/PHP/templates -> web - Images, audio, PDFs with no obvious content -> forensics (steganography) **By challenge description keywords:** - "buffer overflow", "ROP", "shellcode", "libc", "heap" -> pwn - "RSA", "AES", "cipher", "encrypt", "prime", "modulus", "lattice", "LWE", "GCM" -> crypto - "XSS", "SQL", "injection", "cookie", "JWT", "SSRF" -> web - "disk image", "memory dump", "packet capture", "registry", "power trace", "side-channel", "spectrogram", "audio tracks", "MKV" -> forensics - "find", "locate", "identify", "who", "where" -> osint - "obfuscated", "packed", "C2", "malware", "b