pentest-cve-vulnerability-research-helper

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides shell command templates for tools like vulnx and curl that interpolate user-supplied data (such as product names, versions, or URLs) into double-quoted strings. This pattern creates a potential command injection surface if the agent fails to sanitize inputs before execution, as shell substitution (e.g., $(...)) is still possible within double quotes.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it fetches and processes untrusted data from external sources.
    • Ingestion points: Web content fetched via curl and vulnerability intelligence data retrieved via vulnx from the ProjectDiscovery API.
    • Boundary markers: The instructions do not define boundary markers or provide 'ignore embedded instructions' warnings for the external content being processed.
    • Capability inventory: The skill utilizes shell execution for vulnx, curl, jq, and grep, and it manages a third-party API key (PDCP_API_KEY) via environment variables.
    • Sanitization: While the skill uses jq and grep to filter or parse data, it lacks explicit sanitization of the fetched content to prevent it from influencing agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 04:47 PM