hunt-saml
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a reference guide intended for security auditing and vulnerability research, focusing on SAML/SSO attack vectors.
- [COMMAND_EXECUTION]: Contains standard utility commands such as `grep`, `base64`, and `xmllint`. These are used appropriately for processing and formatting data during a manual security analysis workflow.
- [DATA_EXPOSURE]: Mentions sensitive file paths like `/etc/passwd` exclusively as part of an XXE (XML External Entity) payload example for testing purposes. It does not contain code to exfiltrate data or access unauthorized files.
- [INDIRECT_PROMPT_INJECTION]: While the skill involves analyzing external SAML assertions which could theoretically contain malicious instructions, the documented process is manual and investigative. There is no evidence of automated processing that would lead to a prompt injection vulnerability.
Audit Metadata