pwnkit

MCP Tool

peaktwilight/pwnkit

Let autonomous AI agents hack you so the real ones can't. Attacks LLM endpoints, web apps, npm packages, and source code. Blind PoC verification to minimize false positives.

Install

$ npx loaditout add peaktwilight/pwnkit

Platform-specific configuration:

.claude/settings.json

{
  "mcpServers": {
    "pwnkit": {
      "command": "npx",
      "args": [
        "-y",
        "pwnkit"
      ]
    }
  }
}

Add the config above to .claude/settings.json under the mcpServers key.

About

<h1 align="center">pwnkit</h1>

Let autonomous AI agents hack you so the real ones can't. Fully autonomous agentic pentesting framework. Blind PoC verification to minimize false positives.

<a href="https://docs.pwnkit.com">Docs</a> · <a href="https://pwnkit.com">Website</a> · <a href="https://pwnkit.com/blog">Blog</a> · <a href="#benchmark">Benchmark</a>

---

Autonomous agents that discover, attack, and verify vulnerabilities across LLM endpoints, web apps, npm packages, and source code. Every finding is independently re-exploited by a blind verify agent to kill false positives.

npx pwnkit-cli

Quick Start

# Scan an LLM endpoint
npx pwnkit-cli scan --target https://your-app.com/api/chat

# Pentest a web app
npx pwnkit-cli scan --target https://example.com --mode web

# Audit an npm package
npx pwnkit-cli audit lodash

# Review source code
npx pwnkit

Reviews

Loading reviews...

Quality Signals

Stars

Installs

Last updated9 days ago

Security: AREADME

New

Safety

Risk Levelmedium

Data Access

read

Network Accessnone

Details

Sourcegithub-crawl

Last commit4/4/2026

View on GitHub→

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/peaktwilight/pwnkit)](https://loaditout.ai/skills/peaktwilight/pwnkit)

pwnkit

MCP Tool

peaktwilight/pwnkit

Let autonomous AI agents hack you so the real ones can't. Attacks LLM endpoints, web apps, npm packages, and source code. Blind PoC verification to minimize false positives.

Install

$ npx loaditout add peaktwilight/pwnkit

Platform-specific configuration:

.claude/settings.json

{
  "mcpServers": {
    "pwnkit": {
      "command": "npx",
      "args": [
        "-y",
        "pwnkit"
      ]
    }
  }
}

Add the config above to .claude/settings.json under the mcpServers key.

About

<h1 align="center">pwnkit</h1>

<a href="https://docs.pwnkit.com">Docs</a> · <a href="https://pwnkit.com">Website</a> · <a href="https://pwnkit.com/blog">Blog</a> · <a href="#benchmark">Benchmark</a>

---

npx pwnkit-cli

Quick Start

# Scan an LLM endpoint
npx pwnkit-cli scan --target https://your-app.com/api/chat

# Pentest a web app
npx pwnkit-cli scan --target https://example.com --mode web

# Audit an npm package
npx pwnkit-cli audit lodash

# Review source code
npx pwnkit

Reviews

Loading reviews...

Quality Signals

Stars

Installs

Last updated9 days ago

Security: AREADME

New

Safety

Risk Levelmedium

Data Access

read

Network Accessnone

Details

Sourcegithub-crawl

Last commit4/4/2026

View on GitHub→

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/peaktwilight/pwnkit)](https://loaditout.ai/skills/peaktwilight/pwnkit)

pwnkit

Install

About

Tags

Reviews

Quality Signals

Safety

Details

Embed Badge

pwnkit

Install

About

Tags

Reviews

Quality Signals

Safety

Details

Embed Badge