spearphishing-simulation-governance
by LocoLoboZ
Design and govern authorized spearphishing simulations with professional reporting and stakeholder alignment.
- Generate stakeholder approval packs for Legal and HR sign-off.
- Create safe, payload-free message themes for security awareness.
- Analyze campaign metrics to produce an executive After-Action Report.
$12
· or 60 creditsSecure checkout via Stripe
Included in download
- Generate stakeholder approval packs for Legal and HR sign-off.
- Create safe, payload-free message themes for security awareness.
- terminal automation included
- Ready for including Claude Code
Sample input
Plan an authorised spearphishing simulation for our finance leadership team. We have CISO approval and HR awareness. Produce a governance brief, approval pack, safe theme catalogue, readiness checklist, and an after-action report template.
Sample output
The skill produces a spearphishing simulation governance brief confirming authorisation status, scope, exclusions, and success measures, a campaign approval pack with stakeholder sign-off sections for security, HR, legal, privacy, communications, and executive, a safe theme catalogue with approved message themes that test recognition and reporting without collecting credentials, an authorisation and scope readiness checklist, and an after-action report template structured around metrics, findings, awareness improvement actions, and a remediation tracker. All items without confirmed approval are clearly marked as validation points.
Design and govern authorized spearphishing simulations with professional reporting and stakeholder alignment.
$12
· or 60 creditsSecure checkout via Stripe
Also available in a bundle
Included in download
- Generate stakeholder approval packs for Legal and HR sign-off.
- Create safe, payload-free message themes for security awareness.
- terminal automation included
- Ready for including Claude Code
- Instant install
Sample input
Plan an authorised spearphishing simulation for our finance leadership team. We have CISO approval and HR awareness. Produce a governance brief, approval pack, safe theme catalogue, readiness checklist, and an after-action report template.
Sample output
The skill produces a spearphishing simulation governance brief confirming authorisation status, scope, exclusions, and success measures, a campaign approval pack with stakeholder sign-off sections for security, HR, legal, privacy, communications, and executive, a safe theme catalogue with approved message themes that test recognition and reporting without collecting credentials, an authorisation and scope readiness checklist, and an after-action report template structured around metrics, findings, awareness improvement actions, and a remediation tracker. All items without confirmed approval are clearly marked as validation points.
About This Skill
Protect Your Organization with Ethical Phishing Simulations
Running a spearphishing simulation is a high-stakes task that requires rigorous governance, legal alignment, and clear communication. This skill provides a structured framework for security professionals to plan, govern, and report on authorized defensive simulations without the risk of creating actual harmful content.
What it does
This skill acts as a specialized governance layer for your security awareness program. It guides you through:
- Planning: Defining objectives, target populations, and exclusion rules for a safe test environment.
- Governance: Generating stakeholder approval packs for HR, Legal, and Executive teams.
- Execution Readiness: Validating that message themes are effective but safe (no credential harvesting).
- Analysis & Reporting: Transforming raw data from your simulation platform into professional After-Action Reports (AAR) and remediation trackers.
Why use this skill?
Prompting an AI yourself often leads to safety filters blocking your requests or, conversely, generating "too-realistic" content that violates corporate policy. This skill ensures your simulated campaigns remain purely for training purposes. It follows strict quality gates to ensure all activities are documented, authorized, and mapped to defensive controls, saving you hours of document preparation while maintaining a high compliance bar.
Output
The skill produces structured governance artifacts, including Campaign Briefs, Readiness Checklists, and Metrics Analyses, formatted specifically for internal security audits and stakeholder review.
Use Cases
- Generate stakeholder approval packs for Legal and HR sign-off.
- Create safe, payload-free message themes for security awareness.
- Analyze campaign metrics to produce an executive After-Action Report.
- Develop a targeting and exclusion matrix to protect sensitive personnel.
- Build a remediation tracker based on simulation performance data.
Known Limitations
- Does not execute simulations or provide infrastructure.
- Requires manual entry of metrics from third-party platforms.
- Does not generate bypass techniques for security controls.
How to Install
mkdir -p ~/.claude/skills && curl -sL https://www.agensi.io/api/install/spearphishing-simulation-governance -o /tmp/spearphishing-simulation-governance.zip && unzip -o /tmp/spearphishing-simulation-governance.zip -d ~/.claude/skills && rm /tmp/spearphishing-simulation-governance.zipFree skills install directly. Paid skills require purchase - use the download button above after buying.
Reviews
No reviews yet - be the first to share your experience.
Only users who have downloaded or purchased this skill can leave a review.
Early access skill
Be the first to review this skill.
Only users who have downloaded or purchased this skill can leave a review.
Security Scanned
Passed automated security review
Permissions
File Scopes
Tags
Works with any agent that supports the Universal SKILL.md standard, including Claude Code, Codex CLI, Cursor, VS Code Copilot, Gemini CLI, and any agent that supports the Universal SKILL.md standard. Requires user-supplied authorisation evidence and campaign context.
Creator
I design and publish skills built from real professional practice across three areas: cyber security consulting, business operations, and AI workflow engineering. My cyber security skills draw on active advisory work spanning governance, risk, compliance, assurance, and executive reporting. They are built for practitioners who need structured, defensible outputs - not generic templates. My business operations skills cover the day-to-day work of running a consulting practice: bookkeeping, financial tracking, expense reconciliation, and marketing content - designed to reduce repetitive overhead and keep outputs consistent. My AI platform and workflow skills are built for people who want to get more out of Claude and similar platforms - covering prompt engineering, skill architecture, automation pipelines, and agent enhancement. Every skill I publish has been tested in production use before it reaches the marketplace. If it is here, it works.
Also available in a bundle
Frequently Asked Questions
Learn More About AI Agent Skills
More Premium Skills
PII & Data-Leak Scanner
Scan your schemas, seed data, config, and logs for personal data before it leaks. Detects PII-indicating column and key names (email, ssn, phone, address) across SQL, CSV, and JSON, plus PII in the data itself: email addresses, SSN-like numbers, credit-card-like numbers, phone numbers, and PII written into log files. Each finding is flagged with its location and a GDPR-style review note. Heuristic by design: it surfaces what to review, not a compliance guarantee.
designing-hybrid-context-layers
Architects the right retrieval strategy for every query — teaching your agent when to use RAG, a knowledge graph, or a temporal index instead of defaulting to vector search for everything.
ai-automation-qa-pack
Professional QA & UAT documentation generator for AI automation agencies and complex agent deployments.
Bounty Security Pattern Master Library — 399 Vulnerability Patterns
A premium library of 399 vulnerability patterns and DeFi attack vectors for AI-driven bug hunting and security audits.