DiscordSign up
SKILLS.SH

ghost-proxy

MITM proxy for capturing, inspecting, and replaying HTTP/HTTPS traffic between clients and servers. Start the proxy scoped to specific domains or hostnames; traffic outside scope passes through transparently without logging View captured request/response logs, search by method/path/status/host with wildcard support, and inspect full raw HTTP entries Supports both foreground and daemon modes with configurable port; default listen address is localhost:8443 Requires manual client configuration (curl flags, environment variables, or code-level proxy settings) to route traffic through the proxy; generates its own CA certificate for MITM TLS interception

INSTALLATION
npx skills add https://github.com/ghostsecurity/skills --skill ghost-proxy
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

Reaper MITM Proxy

Reaper is a CLI-based MITM HTTPS proxy for application security testing. It intercepts, logs, and allows inspection of HTTP/HTTPS traffic flowing through it. Use it to capture live request/response pairs for security validation.

Prerequisites

Before using any reaper command, make sure the latest version of the binary is installed:

curl -sfL https://raw.githubusercontent.com/ghostsecurity/reaper/main/scripts/install.sh | bash

All reaper commands in this document should be invoked as ~/.ghost/bin/reaper unless ~/.ghost/bin is on PATH.

Quick Reference

Command

Purpose

reaper start --domains example.com

Start proxy (foreground)

reaper start --domains example.com -d

Start proxy (daemon)

reaper logs

Show recent captured entries

reaper search --method POST --path /api/*

Search captured traffic

reaper get <id>

Show full request + response

reaper req <id>

Show raw HTTP request only

reaper res <id>

Show raw HTTP response only

reaper stop

Stop the daemon

Starting the Proxy

Start reaper scoped to the target domain(s). At least one --domains or --hosts flag is required.

# Intercept all traffic to example.com and its subdomains

reaper start --domains example.com

# Multiple domains

reaper start --domains example.com,api.internal.co

# Exact hostname matching

reaper start --hosts api.example.com

# Both domain suffix and exact host matching

reaper start --domains example.com --hosts special.internal.co

# Custom port (default: 8443)

reaper start --domains example.com --port 9090

# Run as background daemon

reaper start --domains example.com -d

Scope behavior:

  • --domains: Suffix match. example.com matches example.com, api.example.com, sub.api.example.com
  • --hosts: Exact match. api.example.com matches only api.example.com
  • Traffic outside scope passes through transparently without logging

Routing Traffic Through the Proxy

Configure the HTTP client to use the proxy. The default listen address is localhost:8443.

# curl

curl -x http://localhost:8443 -k https://api.example.com/endpoint

# Environment variables (works with many tools)

export http_proxy=http://localhost:8443

export https_proxy=http://localhost:8443

# Python requests

import requests

requests.get("https://api.example.com/endpoint",

             proxies={"http": "http://localhost:8443", "https": "http://localhost:8443"},

             verify=False)

The -k / verify=False flag is needed because reaper generates its own CA certificate at startup for MITM TLS interception.

Viewing Captured Traffic

Recent Entries

# Show last 50 entries (default)

reaper logs

# Show last 200 entries

reaper logs -n 200

Output columns: ID, METHOD, HOST, PATH, STATUS, MS, REQ (request body size), RES (response body size).

Searching

# By HTTP method

reaper search --method POST

# By host (supports * wildcard)

reaper search --host *.api.example.com

# By domain suffix

reaper search --domains example.com

# By path prefix (supports * wildcard)

reaper search --path /api/v3/transfer

# By status code

reaper search --status 200

# Combined filters

reaper search --method POST --path /api/v3/* --status 200 -n 50

Inspecting Individual Entries

# Full request and response (raw HTTP)

reaper get 42

# Request only

reaper req 42

# Response only

reaper res 42

Output is raw HTTP/1.1 format including headers and body, suitable for analysis or replay.

Stopping the Proxy

reaper stop

Common Workflows

Validate a Security Finding

When used with the validate skill (may need to collaborate with the user to setup the test environment):

  • Start reaper scoped to the application domain
  • Verify traffic is being captured by running reaper logs — at least one entry should appear after routing a test request through the proxy
  • If no entries appear, verify proxy settings and domain scope match the target
  • Authenticate (or ask the user to authenticate) as a normal user and exercise the vulnerable endpoint legitimately
  • Search for the captured request to understand the expected request format
  • Craft and send a malicious request that exercises the exploit described in the finding
  • Inspect the response to determine if the exploit succeeded
  • Use reaper get <id> to capture the full request/response as evidence

Data Storage

All data is stored in ~/.reaper/:

  • reaper.db - SQLite database with captured entries
  • reaper.sock - Unix socket for CLI-to-daemon IPC
  • reaper.pid - Daemon process ID

The CA certificate is generated fresh in memory on each start and is not persisted.

BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

find-skills
2/3

Discover and install specialized agent skills from the open ecosystem when users need extended capabilities. Helps identify relevant skills by domain and task when users ask "how do I do X" or "find a skill for X" Integrates with the Skills CLI ( npx skills find , npx skills add ) to search, verify, and install packages from the skills.sh directory Recommends skills based on install count, source reputation, and GitHub stars to ensure quality before suggesting installation Presents skill options with install commands and links to skills.sh for user review and one-click installation

Verified authorvercel-labs
SKILLS.SH
1.5M19.6K
2026-05-22
vercel-react-best-practices
3/3

React and Next.js performance optimization guide with 64 prioritized rules across 8 categories. Organized by impact level, from critical waterfalls and bundle optimization down to advanced patterns, each rule includes incorrect/correct code examples and explanations Covers eight domains: async patterns, bundle size, server-side caching, client-side data fetching, re-render optimization, rendering performance, JavaScript efficiency, and advanced patterns Designed for use during component writing, code review, refactoring, and performance audits on React and Next.js applications Each rule has a prefix code (e.g., async-parallel , bundle-barrel-imports ) for easy reference in automated tooling and documentation

Verified authorvercel-labs
SKILLS.SH
389K26.9K
2026-05-22
azure-validate
2/3

Pre-deployment validation for Azure infrastructure, configuration, and permissions before deployment. Requires .azure/plan.md from a prior azure-prepare run; stops immediately if the plan is missing Executes recipe-specific validation commands (azd provision, bicep build, terraform validate) and records proof in the plan document Performs build verification, configuration checks, and permission validation; blocks deployment if any check fails Only authorized method to set plan status to Validated ; must be followed by azure-deploy skill to execute the actual deployment

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22
appinsights-instrumentation
3/3

Guidance and reference material for instrumenting webapps with Azure Application Insights. Covers SDK setup, telemetry patterns, and configuration for ASP.NET Core and Node.js applications hosted in Azure Distinguishes between this skill (reference and guidance) and azure-prepare (actual implementation); invoke azure-prepare when the user wants to add instrumentation to their project Provides auto-instrumentation guidance for C# ASP.NET Core apps in Azure App Service, plus manual instrumentation paths for creating App Insights resources via Bicep templates or Azure CLI Includes language-specific code modification guides for ASP.NET Core, Node.js, and Python, plus quick references for OpenTelemetry SDKs and exporters

Verified authormicrosoft
SKILLS.SH
324K1.1K
2026-05-22

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card