Skills
skills/crazymarky/pentest-skills/recon-port-scan/Gen Agent Trust Hub

recon-port-scan

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions and documentation include the use of sudo for executing network scans (e.g., sudo nmap -sS, sudo masscan). This is a legitimate requirement for the skill's primary purpose, as raw socket access is necessary for SYN scans, OS detection, and high-speed scanning.
  • [EXTERNAL_DOWNLOADS]: Documentation within the skill (e.g., references/rustscan_guide.md and references/masscan_guide.md) provides commands for downloading and installing security tools from their official GitHub repositories. These downloads target well-known open-source security projects.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it ingests and parses untrusted data from network scan results, such as service banners, hostnames, and version information.
  • Ingestion points: scripts/parse_nmap_xml.py and scripts/port_scan_storage.py read XML data produced by external scanners.
  • Boundary markers: No specific delimiters or "ignore instructions" warnings are applied to the extracted service metadata before it is presented to the agent.
  • Capability inventory: The skill is designed to execute shell commands for reconnaissance and write results to a local SQLite database.
  • Sanitization: The scripts use standard XML parsing libraries which validate structure but do not sanitize the string content of service banners or attributes against potential injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 07:51 AM