phishing-simulation-skill
// Phishing simulation campaign execution and analysis for security awareness assessment
$ git log --oneline --stat
stars:384
forks:73
updated:March 4, 2026
SKILL.mdreadonly
SKILL.md Frontmatter
namephishing-simulation-skill
descriptionPhishing simulation campaign execution and analysis for security awareness assessment
allowed-toolsBash,Read,Write,Glob,Grep,WebFetch
Phishing Simulation Skill
Purpose
Execute and analyze phishing simulation campaigns to assess organizational security awareness, identify high-risk users, and measure the effectiveness of security training programs.
Capabilities
Campaign Template Generation
- Create realistic phishing email templates
- Design landing pages for credential harvesting simulations
- Generate attachment-based simulation scenarios
- Create spear-phishing templates using OSINT
- Develop pretexting scenarios
- Build multi-stage attack simulations
Campaign Execution
- Schedule and launch simulation campaigns
- Manage target user groups
- Configure sending parameters (timing, throttling)
- Handle bounce and delivery tracking
- Implement safe landing pages
- Manage campaign duration and scope
User Response Tracking
- Track email open rates
- Monitor link click rates
- Record credential submission attempts
- Track attachment opens
- Measure response times
- Identify repeat offenders
Awareness Reporting
- Generate campaign summary reports
- Create department-level breakdowns
- Produce trend analysis over time
- Compare against industry benchmarks
- Generate executive dashboards
- Export data for further analysis
Risk User Identification
- Identify users who clicked links
- Flag users who submitted credentials
- Track repeat high-risk behavior
- Score user security awareness
- Prioritize users for additional training
Training Recommendations
- Recommend targeted training modules
- Suggest remedial training assignments
- Track training completion rates
- Correlate training with behavior improvement
- Generate training effectiveness reports
Simulation Types
| Type | Description | Risk Level |
|---|---|---|
| Mass Phishing | Broad awareness testing | Low |
| Spear Phishing | Targeted attacks | Medium |
| Whaling | Executive targeting | High |
| Vishing | Voice phishing | Medium |
| Smishing | SMS phishing | Medium |
| BEC | Business email compromise | High |
Template Categories
- Password reset notifications
- IT support messages
- Package delivery notifications
- Invoice/payment requests
- HR communications
- Executive requests
- Cloud service notifications
- Social media alerts
Integrations
- KnowBe4: Security awareness training platform
- Proofpoint: Security awareness and phishing simulation
- GoPhish: Open-source phishing framework
- Cofense: Phishing defense solutions
- Microsoft Defender: Attack simulation training
Target Processes
- Security Awareness Training Program
- Human Risk Assessment
- Social Engineering Testing
- Compliance Training Verification
Input Schema
{
"type": "object",
"properties": {
"campaignType": {
"type": "string",
"enum": ["mass", "spear", "whaling", "department", "new-hire"],
"description": "Type of phishing simulation"
},
"templateCategory": {
"type": "string",
"enum": ["password-reset", "it-support", "delivery", "invoice", "hr", "executive", "cloud-service"],
"description": "Phishing template category"
},
"targetGroups": {
"type": "array",
"items": { "type": "string" },
"description": "Target user groups or departments"
},
"schedule": {
"type": "object",
"properties": {
"startDate": { "type": "string", "format": "date-time" },
"endDate": { "type": "string", "format": "date-time" },
"sendingWindow": { "type": "string" }
}
},
"difficulty": {
"type": "string",
"enum": ["easy", "medium", "hard", "expert"],
"description": "Simulation difficulty level"
},
"landingPageAction": {
"type": "string",
"enum": ["awareness", "training-redirect", "credential-capture"],
"description": "Action when user clicks link"
},
"customTemplate": {
"type": "string",
"description": "Path to custom template file"
}
},
"required": ["campaignType", "targetGroups"]
}
Output Schema
{
"type": "object",
"properties": {
"campaignId": {
"type": "string"
},
"campaignType": {
"type": "string"
},
"executionPeriod": {
"type": "object",
"properties": {
"startDate": { "type": "string" },
"endDate": { "type": "string" }
}
},
"targetSummary": {
"type": "object",
"properties": {
"totalTargets": { "type": "integer" },
"emailsSent": { "type": "integer" },
"emailsDelivered": { "type": "integer" },
"bounced": { "type": "integer" }
}
},
"results": {
"type": "object",
"properties": {
"emailsOpened": { "type": "integer" },
"openRate": { "type": "number" },
"linksClicked": { "type": "integer" },
"clickRate": { "type": "number" },
"credentialsSubmitted": { "type": "integer" },
"submissionRate": { "type": "number" },
"attachmentsOpened": { "type": "integer" },
"reportedPhishing": { "type": "integer" },
"reportRate": { "type": "number" }
}
},
"departmentBreakdown": {
"type": "array",
"items": {
"type": "object",
"properties": {
"department": { "type": "string" },
"clickRate": { "type": "number" },
"riskScore": { "type": "number" }
}
}
},
"highRiskUsers": {
"type": "array",
"items": {
"type": "object",
"properties": {
"userId": { "type": "string" },
"actions": { "type": "array" },
"repeatOffender": { "type": "boolean" }
}
}
},
"trainingRecommendations": {
"type": "array",
"items": {
"type": "object",
"properties": {
"userGroup": { "type": "string" },
"recommendedModules": { "type": "array" },
"priority": { "type": "string" }
}
}
},
"benchmarkComparison": {
"type": "object",
"properties": {
"industryAvgClickRate": { "type": "number" },
"organizationClickRate": { "type": "number" },
"performanceRating": { "type": "string" }
}
}
}
}
Usage Example
skill: {
name: 'phishing-simulation-skill',
context: {
campaignType: 'mass',
templateCategory: 'password-reset',
targetGroups: ['all-employees'],
difficulty: 'medium',
landingPageAction: 'awareness'
}
}