Add Secure Code Game and Websploit; add docker reference to Mutillidae

[Copilot]

Scout Report 2026-02-08 identified 5 repositories, 4 of which were requested for addition. Two (Mutillidae, WebGoatPHP) already existed in the collection.

Changes

• Added Secure Code Game (skills/secure-code-game, 2591★) - GitHub Security Lab's in-repo secure coding learning experience
• Added Websploit (The-Art-of-Hacking/websploit, 435★) - Omar Santos' cybersecurity training environment with containerized vulnerable apps
• Updated Mutillidae entry with docker reference → https://github.com/webpwnized/mutillidae-docker

All entries inserted at alphabetically correct positions. Collection now contains 188 entries.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>🔍 Scout Report - 2026-02-08</issue_title>
<issue_description>## 🔍 Scout Report - 2026-02-08

Summary:

• New repositories found: 5
• Already in collection (skipped): 5
• Total existing in collection: 105

---

🆕 New Repositories

1. secure-code-game

• Repository: skills/secure-code-game
• Stars: ⭐ 2591
• Language: JavaScript
• Description: A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

📋 Suggested collection.json entry

{
  "url": "https://github.com/skills/secure-code-game",
  "name": "secure-code-game",
  "description": "A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.",
  "language": "JavaScript",
  "technologies": [],
  "collection": [
    "offline"
  ]
}

---

2. websploit

• Repository: The-Art-of-Hacking/websploit
• Stars: ⭐ 435
• Language: Python
• Description: This is a learning created by Omar Santos (@santosomar) for different Cybersecurity training sessions. It includes many intentionally vulnerable applications running in Docker containers and thousands of cybersecurity resources.

📋 Suggested collection.json entry

{
  "url": "https://github.com/The-Art-of-Hacking/websploit",
  "name": "websploit",
  "description": "This is a learning created by Omar Santos (@santosomar) for different Cybersecurity training sessions. It includes many intentionally vulnerable applications running in Docker containers and thousands of cybersecurity resources. ",
  "language": "Python",
  "technologies": [],
  "collection": [
    "offline"
  ]
}

---

3. mutillidae

• Repository: webpwnized/mutillidae
• Stars: ⭐ 1467
• Language: PHP
• Description: OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

📋 Suggested collection.json entry

{
  "url": "https://github.com/webpwnized/mutillidae",
  "name": "mutillidae",
  "description": "OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.",
  "language": "PHP",
  "technologies": [],
  "collection": [
    "offline"
  ]
}

---

4. OWASPWebGoatPHP

• Repository: OWASP/OWASPWebGoatPHP
• Stars: ⭐ 148
• Language: PHP
• Description: A deliberately vulnerable web application for learning web application security.

📋 Suggested collection.json entry

{
  "url": "https://github.com/OWASP/OWASPWebGoatPHP",
  "name": "OWASPWebGoatPHP",
  "description": "A deliberately vulnerable web application for learning web application security.",
  "language": "PHP",
  "technologies": [],
  "collection": [
    "offline"
  ]
}

---

5. mutillidae-docker

• Repository: webpwnized/mutillidae-docker
• Stars: ⭐ 101
• Language: Shell
• Description: OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

📋 Suggested collection.json entry

{
  "url": "https://github.com/webpwnized/mutillidae-docker",
  "name": "mutillidae-docker",
  "description": "OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.",
  "language": "Shell",
  "technologies": [],
  "collection": [
    "offline"
  ]
}

---

🤖 This issue was created automatically by the Repository Scout GitHub Action
</issue_description>

<agent_instructions>@copilot open a PR adding the first four apps. For mutillidae add a "docker" reference with the "url" https://github.com/webpwnized/mutillidae-docker

Review schema.json in the repo first. Ensure the new additions are in the proper sorted location within the collection data file.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes 🔍 Scout Report - 2026-02-08 #253

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[kingthorin]

@copilot why wasn't OWASP/OWASPWebGoatPHP added?

[Copilot]

@copilot why wasn't OWASP/OWASPWebGoatPHP added?

OWASP/OWASPWebGoatPHP already existed in the collection as "WebGoatPHP" with badge OWASP/OWASPWebGoatPHP. Since it was already present with the correct repository reference and metadata (148 stars, PHP language, OWASP author), no changes were needed. The issue requested adding "the first four apps" - two were new (Secure Code Game, Websploit) and two already existed (Mutillidae, WebGoatPHP). Only Mutillidae needed an update to add the docker reference.