hunt-misc
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to use various shell commands, including curl for making network requests, grep for searching through files, and dig for DNS lookups. It also includes inline code for ruby and python3 to facilitate testing for Regex Denial of Service (ReDoS). These tools provide the agent with broad capabilities to interact with both the local environment and remote targets.
- [PROMPT_INJECTION]: The skill's methodology involves analyzing untrusted data from external sources, which presents a surface for indirect prompt injection.
  - Ingestion points: The agent is instructed to read and process HTTP response headers, response bodies, and JavaScript files from external domains (SKILL.md).
  - Boundary markers: There are no explicit instructions or delimiters used to separate untrusted external data from the agent's internal instructions.
  - Capability inventory: The agent has access to powerful shell-based tools for network exfiltration and data processing (curl, grep, ruby, python3).
  - Sanitization: The instructions do not include steps to sanitize or validate data obtained from external targets before the agent analyzes it, allowing maliciously crafted content on a target site to potentially influence the agent's behavior.
Audit Metadata