uapi-get-network-portscan

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs active network operations by sending port scanning requests to an external API (https://uapis.cn/api/v1). This functionality allows the agent to conduct reconnaissance on arbitrary hostnames and IP addresses provided by the user.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from user requests (host, port) and external API responses without providing instructions for sanitization, validation, or the use of protective boundary markers to prevent the agent from misinterpreting data as instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-get-network-portscan