Skills
skills/elementalsouls/claude-bughunter/hunt-file-upload/Gen Agent Trust Hub

hunt-file-upload

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of the evilarc utility via pip3, which is an external tool used for creating path traversal archives.
  • [COMMAND_EXECUTION]: Provides several shell command examples for generating exploit payloads (e.g., SVG, MVG, and M3U8 files) and executing network requests using curl to test target API endpoints.
  • [DATA_EXFILTRATION]: Contains specific payloads designed to access and retrieve sensitive data, including local system files like /etc/passwd and cloud infrastructure metadata from 169.254.169.254 (AWS IMDS).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 04:05 PM
Security Audit — agent-trust-hub — hunt-file-upload