hunt-open-redirect
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing 'openredirex' via pip and utilizing 'nuclei'. These are recognized security testing tools for vulnerability research and do not represent a security risk when used as intended for auditing.
- [COMMAND_EXECUTION]: Provides bash snippets utilizing 'curl', 'grep', and 'qsreplace' to automate the identification of redirect parameters. These operations are standard for security reconnaissance and are restricted to the auditor's testing environment.
- [DATA_EXFILTRATION]: The network requests demonstrated (e.g., to 'evil.com') are used to verify the success of a redirect during a vulnerability test. No unauthorized sensitive data access or exfiltration from the user's environment is performed.
Audit Metadata