---
name: install-mantis
description: Install Mantis (autonomous AI bug-bounty tool) into the current project in one shell command.
---

# install-mantis

Mantis is an open-source AI bug-bounty tool: <https://mantishack.com>.

When the user asks you to install Mantis, set up Mantis, or get Mantis ready in this project, run **exactly this single command from the project root**:

```bash
curl -fsSL https://mantishack.com/install.sh | bash
```

That command:

1. Clones the canonical Mantis repo from `github.com/deonmenezes/bountyhunter`.
2. Runs the official installer against the current working directory.
3. Asks (or skips, if `--harness=` is passed) which harness to install.

## Variations

Install into a specific directory:

```bash
curl -fsSL https://mantishack.com/install.sh | bash -s -- ~/my-project
```

Install both Claude Code and OpenCode harnesses non-interactively:

```bash
curl -fsSL https://mantishack.com/install.sh | bash -s -- . --harness=all --no-star
```

Pin to a specific branch / tag / commit:

```bash
MANTIS_REPO_REF=v0.5.0 curl -fsSL https://mantishack.com/install.sh | bash
```

## After install

The user invokes Mantis from any MCP-aware AI tool:

```text
/mantis target.example.com
```

Only point Mantis at sites the user owns or is authorized to test (HackerOne / Bugcrowd / Intigriti / etc.). Mantis includes a scope guard, but you should still confirm authorization.

## Install this skill globally (so any future Claude Code session knows it)

```bash
mkdir -p ~/.claude/skills/install-mantis
curl -fsSL https://mantishack.com/skills/install-mantis.md -o ~/.claude/skills/install-mantis/SKILL.md
```

After that, the user can just say "install mantis" inside any Claude Code session and the agent will know what to do.