Conduct Empirical Wire Capture

Skill Verified Active

Capture outbound HTTP and telemetry from a CLI harness at runtime. Covers capture-channel selection (transcript file vs verbose-fetch stderr vs outbound proxy vs on-disk state), hook-driven per-event capture vs long-running session capture, JSONL output format for diff-friendly artifacts, and the observability table that maps each target to the cheapest channel that captures it. Use when a static finding needs runtime confirmation, when a payload shape is needed for a client re-implementation, or when dark-vs-live disambiguation requires watching what the binary actually sends.

Purpose

To capture reproducible runtime network artifacts from CLI applications for analysis, debugging, and re-implementation, ensuring data integrity and security throughout the process.

Features

  • Capture outbound HTTP and telemetry from CLI tools
  • Configurable capture-channel selection (file, stderr, proxy, state diff)
  • Per-event capture vs. long-running session capture
  • JSONL output format for diff-friendly artifacts
  • Observability table for mapping targets to cheapest capture channels
  • Mandatory redaction of secrets at capture time

Use Cases

  • When a static finding needs runtime confirmation.
  • When a payload shape is needed for client re-implementation.
  • When dark-vs-live disambiguation requires watching actual network traffic.
  • To produce reproducible artifacts for comparing behavior across binary versions.

Non-Goals

  • Version baselining of binary behavior.
  • Flag-state probing.
  • Preparing redacted artifacts for public publication.
  • Capturing traffic for other users or accounts.

Workflow

  1. Build the Observability Table First
  2. Prepare a Disposable Workspace
  3. Hook-Driven Capture for Per-Event Targets
  4. Long-Running Session Capture for Sequential State
  5. Normalize to JSONL
  6. Redact at Capture Time
  7. Classify Response Categories Before Recording
  8. Persist the Capture Manifest

Practices

  • Reverse-engineering
  • Wire capture
  • HTTP
  • Telemetry
  • JSONL
  • Observability

Prerequisites

  • A CLI harness binary that can be run locally.
  • A specific question to answer regarding the CLI's behavior.
  • Optional: Static findings from prior phases to scope capture targets.
  • Optional: A private workspace path for capture artifacts.

Installation

/plugin install agent-almanac@pjt222-agent-almanac

Quality Score

Verified
99/100
Analyzed about 13 hours ago

Trust Signals

Last commit: 1 day ago
Stars: 14
License: MIT
Status

© 2025 SkillRepo · Find the right skill, skip the noise.