AI Agent Skill HUB

phishing-simulation-skill

Phishing simulation campaign execution and analysis for security awareness assessment

509 stars
bya5c-ai
View on GitHubInstallation ↓

Best use case

phishing-simulation-skill is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Phishing simulation campaign execution and analysis for security awareness assessment

Teams using phishing-simulation-skill should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/phishing-simulation-skill/SKILL.md --create-dirs "https://raw.githubusercontent.com/a5c-ai/babysitter/main/library/specializations/security-compliance/skills/phishing-simulation-skill/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/phishing-simulation-skill/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How phishing-simulation-skill Compares

Feature / Agentphishing-simulation-skillStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Phishing simulation campaign execution and analysis for security awareness assessment

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Phishing Simulation Skill

## Purpose

Execute and analyze phishing simulation campaigns to assess organizational security awareness, identify high-risk users, and measure the effectiveness of security training programs.

## Capabilities

### Campaign Template Generation
- Create realistic phishing email templates
- Design landing pages for credential harvesting simulations
- Generate attachment-based simulation scenarios
- Create spear-phishing templates using OSINT
- Develop pretexting scenarios
- Build multi-stage attack simulations

### Campaign Execution
- Schedule and launch simulation campaigns
- Manage target user groups
- Configure sending parameters (timing, throttling)
- Handle bounce and delivery tracking
- Implement safe landing pages
- Manage campaign duration and scope

### User Response Tracking
- Track email open rates
- Monitor link click rates
- Record credential submission attempts
- Track attachment opens
- Measure response times
- Identify repeat offenders

### Awareness Reporting
- Generate campaign summary reports
- Create department-level breakdowns
- Produce trend analysis over time
- Compare against industry benchmarks
- Generate executive dashboards
- Export data for further analysis

### Risk User Identification
- Identify users who clicked links
- Flag users who submitted credentials
- Track repeat high-risk behavior
- Score user security awareness
- Prioritize users for additional training

### Training Recommendations
- Recommend targeted training modules
- Suggest remedial training assignments
- Track training completion rates
- Correlate training with behavior improvement
- Generate training effectiveness reports

## Simulation Types

| Type | Description | Risk Level |
|------|-------------|------------|
| Mass Phishing | Broad awareness testing | Low |
| Spear Phishing | Targeted attacks | Medium |
| Whaling | Executive targeting | High |
| Vishing | Voice phishing | Medium |
| Smishing | SMS phishing | Medium |
| BEC | Business email compromise | High |

## Template Categories

- Password reset notifications
- IT support messages
- Package delivery notifications
- Invoice/payment requests
- HR communications
- Executive requests
- Cloud service notifications
- Social media alerts

## Integrations

- **KnowBe4**: Security awareness training platform
- **Proofpoint**: Security awareness and phishing simulation
- **GoPhish**: Open-source phishing framework
- **Cofense**: Phishing defense solutions
- **Microsoft Defender**: Attack simulation training

## Target Processes

- Security Awareness Training Program
- Human Risk Assessment
- Social Engineering Testing
- Compliance Training Verification

## Input Schema

```json
{
  "type": "object",
  "properties": {
    "campaignType": {
      "type": "string",
      "enum": ["mass", "spear", "whaling", "department", "new-hire"],
      "description": "Type of phishing simulation"
    },
    "templateCategory": {
      "type": "string",
      "enum": ["password-reset", "it-support", "delivery", "invoice", "hr", "executive", "cloud-service"],
      "description": "Phishing template category"
    },
    "targetGroups": {
      "type": "array",
      "items": { "type": "string" },
      "description": "Target user groups or departments"
    },
    "schedule": {
      "type": "object",
      "properties": {
        "startDate": { "type": "string", "format": "date-time" },
        "endDate": { "type": "string", "format": "date-time" },
        "sendingWindow": { "type": "string" }
      }
    },
    "difficulty": {
      "type": "string",
      "enum": ["easy", "medium", "hard", "expert"],
      "description": "Simulation difficulty level"
    },
    "landingPageAction": {
      "type": "string",
      "enum": ["awareness", "training-redirect", "credential-capture"],
      "description": "Action when user clicks link"
    },
    "customTemplate": {
      "type": "string",
      "description": "Path to custom template file"
    }
  },
  "required": ["campaignType", "targetGroups"]
}
```

## Output Schema

```json
{
  "type": "object",
  "properties": {
    "campaignId": {
      "type": "string"
    },
    "campaignType": {
      "type": "string"
    },
    "executionPeriod": {
      "type": "object",
      "properties": {
        "startDate": { "type": "string" },
        "endDate": { "type": "string" }
      }
    },
    "targetSummary": {
      "type": "object",
      "properties": {
        "totalTargets": { "type": "integer" },
        "emailsSent": { "type": "integer" },
        "emailsDelivered": { "type": "integer" },
        "bounced": { "type": "integer" }
      }
    },
    "results": {
      "type": "object",
      "properties": {
        "emailsOpened": { "type": "integer" },
        "openRate": { "type": "number" },
        "linksClicked": { "type": "integer" },
        "clickRate": { "type": "number" },
        "credentialsSubmitted": { "type": "integer" },
        "submissionRate": { "type": "number" },
        "attachmentsOpened": { "type": "integer" },
        "reportedPhishing": { "type": "integer" },
        "reportRate": { "type": "number" }
      }
    },
    "departmentBreakdown": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "department": { "type": "string" },
          "clickRate": { "type": "number" },
          "riskScore": { "type": "number" }
        }
      }
    },
    "highRiskUsers": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "userId": { "type": "string" },
          "actions": { "type": "array" },
          "repeatOffender": { "type": "boolean" }
        }
      }
    },
    "trainingRecommendations": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "userGroup": { "type": "string" },
          "recommendedModules": { "type": "array" },
          "priority": { "type": "string" }
        }
      }
    },
    "benchmarkComparison": {
      "type": "object",
      "properties": {
        "industryAvgClickRate": { "type": "number" },
        "organizationClickRate": { "type": "number" },
        "performanceRating": { "type": "string" }
      }
    }
  }
}
```

## Usage Example

```javascript
skill: {
  name: 'phishing-simulation-skill',
  context: {
    campaignType: 'mass',
    templateCategory: 'password-reset',
    targetGroups: ['all-employees'],
    difficulty: 'medium',
    landingPageAction: 'awareness'
  }
}
```

Related Skills

gazebo-simulation

509
from a5c-ai/babysitter

Expert skill for Gazebo Classic and Ignition/Gazebo Sim world creation and plugin development. Create SDF worlds with terrain, lighting, physics configuration, sensor models, and custom plugins.

network-simulation

509
from a5c-ai/babysitter

Skill for network condition simulation, emulation, and chaos engineering

fluid-simulation

509
from a5c-ai/babysitter

Water physics skill for fluid dynamics and buoyancy systems.

cloth-simulation

509
from a5c-ai/babysitter

Cloth physics skill for softbody dynamics and constraint systems.

hdl-simulation

509
from a5c-ai/babysitter

Multi-simulator expertise for functional verification of FPGA designs

accreditation-tracer-simulation

509
from a5c-ai/babysitter

Simulate Joint Commission tracer methodology to assess compliance with accreditation standards across patient care processes and support systems

monte-carlo-simulation

509
from a5c-ai/babysitter

Monte Carlo methods for uncertainty quantification

simulation-experiment-designer

509
from a5c-ai/babysitter

Simulation experimental design skill for efficient scenario analysis and optimization.

traffic-simulation-engine

509
from a5c-ai/babysitter

Traffic simulation skill for microsimulation, level of service, and signal optimization

scenario-simulation

509
from a5c-ai/babysitter

Scenario-based simulation for ADAS/AD validation

crash-simulation

509
from a5c-ai/babysitter

Crash simulation setup and analysis for occupant protection and regulatory compliance

gnc-simulation

509
from a5c-ai/babysitter

Skill for guidance, navigation, and control system simulation and analysis