v1.0.0 | 55 Skills | 4 AI Platforms | Apache 2.0

Offensive security skills for every AI

The first red team skills library built for Claude, ChatGPT, Gemini, and Microsoft Copilot — with unique MCP, LLM-pipeline, and AI-native attack categories.

Works with: Claude, ChatGPT, Gemini, Microsoft Copilot
55 Skills | 4 AI Platforms | 11 Attack Categories | 3 New Categories

Attack surface

What OmniRed covers

Three new categories not found in any existing library, plus comprehensive classic attack coverage.

🤖

AI-Native New

Direct attacks against LLM systems as targets — from prompt injection to model IP theft.

prompt-injection jailbreaking model-extraction system-prompt-leak
🔌

MCP Attacks New

Model Context Protocol security — tool poisoning, rug pull, and cross-server propagation. Backed by ContextGuard research (ICCBI 2026).

tool-poisoning rug-pull context-injection
🗄️

LLM Pipeline New

Attacks on the data layer feeding LLMs — RAG index poisoning and adversarial embedding manipulation.

rag-poisoning embedding-attacks
🌐

Web Application

Full OWASP Top 10 web coverage including WAF bypass techniques.

sqli xss ssrf ssti xxe idor rce graphql waf-bypass
🏢

Active Directory

Windows domain attacks — from ticket theft to domain controller compromise.

kerberoasting pass-the-hash dcsync
☁️

Cloud

AWS, Azure, GCP privilege escalation, storage enumeration, and container escape.

iam-privesc s3-enum container-escape
🛡️

Infrastructure

EDR evasion, AMSI bypass, process injection, and living-off-the-land initial access.

edr-evasion initial-access
🔑

Auth

OAuth 2.0 flaws, JWT algorithm confusion, and session management attacks.

oauth jwt session-attacks
🔍

Recon

OSINT, subdomain enumeration, certificate transparency, and subdomain takeover detection.

osint subdomain-enum
⛓️

Supply Chain

AI model weight tampering, pickle exploits, backdoor insertion, and registry name-squatting.

model-tampering
📋

Utility

Professional report writing templates and CVSS v4.0 scoring guide with AI-specific vectors.

report-writing cvss4-scoring
Comparison

How OmniRed compares

Every other offensive skills library targets a single AI platform. OmniRed is the first to cover all four.

Feature Claude-Red offensive-claude red-run OmniRed
Claude support
ChatGPT support
Gemini support
Microsoft Copilot
MCP attack skills ✓ (3 skills)
LLM pipeline attacks ✓ (2 skills)
AI-native attacks partial partial ✓ (4 skills)
OWASP LLM Top 10 partial ✓ full mapping
MITRE ATLAS partial ✓ full mapping
CVSS v4.0 scoring
Supply chain attacks
Academic backing ✓ IEEE
Installation

Get started

Pick your AI platform and drop in the skills.

Claude Code
.\scripts\install-claude.ps1
Or sparse-checkout individual categories. Restart Claude Code to activate.
ChatGPT
chatgpt/[category]/
  INSTRUCTIONS.md
Paste into Custom GPT "Instructions" field. Enable Code Interpreter for exploit skills.
Gemini
gemini/[category]/
  GEM.md
Paste into Gemini Gem "Instructions" field. Enable Google Search for recon skills.
Microsoft Copilot
copilot/[category]/
  AGENT.md
Paste into Copilot Studio Agent "Instructions" field. Requires M365 license.
Author

Built by

Sunil Gentyala
Independent Researcher  |  IEEE Senior Member