Skip to content
OSINT Tradecraft
OSINT Tradecraft
Investigation skills · Vol. 8
Free starter
Documentation

Installation, in two minutes.

Pick your agent. Run one command (or paste a folder). Your agent now uses the methodology automatically — no prompt engineering required.

By agent
Recommended

Claude Code

One-line plugin marketplace install. Auto-updates with your subscription. The most native install path.

OpenAI Custom GPT

Upload the bundle ZIP as Knowledge files. Paste the system-prompt header. Five-minute setup.

Llama (local or Together / Groq)

Drop the skills folder into your system prompt directory. Works with Ollama, LM Studio, llama.cpp, Together, Groq.

DeepSeek

API or chat — same skill files, same methodology. Bundle ZIP or per-skill loading.

MCP-compatible agents

Use the OSINT Tradecraft MCP server to expose skills as tools to any MCP-compatible agent.

Live comparison demos

Side-by-side runs of the same prompt through a vanilla agent and a skill-loaded one. Watch the methodology appear.

Quick start · Claude Code

The one-command install.

Every bundle you download is a self-contained Claude Code plugin. Unzip it, add the folder as a local marketplace, then install — two commands.

01
Download & unzip your bundle

From your dashboard, download any bundle you own and unzip it. You get a folder like osint-foundations-2026/ — a ready-to-install Claude Code plugin, licensed to your account.

02
Add it as a local marketplace
claude plugin marketplace add ./osint-foundations-2026

Claude Code reads the bundled .claude-plugin/marketplace.json and registers the osint-tradecraft marketplace from your local folder.

03
Install the plugin
claude plugin install osint-foundations@osint-tradecraft

# then, inside Claude Code:
/reload-plugins
04
Use it

That's it. Claude auto-invokes the relevant skill when you describe an investigation task. Confirm what's installed:

/help

> osint-foundations (osint-tradecraft)
>   seed-discovery-from-email
>   ssl-certificate-pivoting
>   wayback-machine-deep-dive
>   ...

New edition later? Re-download and re-run the two install commands — a one-command re-sync to the latest skills.

Full Claude Code guide →
Reference

The anatomy of a Skill file.

Plain Markdown with a YAML frontmatter header. Three sections: when to use, the methodology, and the stop-points. No magic.

---
name: seed-discovery-from-email
description: Use when starting from a single email address — covers
  pivot order, source provenance, and stop-points.
---

# Seed discovery from email

When the only seed is an email address, the goal is to (a) confirm
it's real, (b) map it to a person or persona, and (c) generate at
least three further pivot seeds — all with provenance.

## Phase 1 — Confirm

  1. Non-invasive SMTP verification (no probe).
  2. DNS TXT (SPF, DKIM, DMARC) anomalies.
  3. WHOIS + crt.sh on the domain.

## Phase 2 — Pivot

  - Username candidates → username-enumeration-across-platforms
  - Phone candidates → only if breach data exposes them
  - ...

## Stop-points

  - DO NOT send any email to the target.
  - DO NOT query breach data without documented permissible purpose.

## Output

  Numbered finding list. Each: field, value, source URL,
  timestamp, reliability grade (A1–F6).
Docs — install guides and reference · OSINT Tradecraft