hunt-websocket
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes several bash command examples using standard tools like curl, grep, nmap, and wscat to perform reconnaissance and probe WebSocket endpoints on a target server.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of widely recognized security testing utilities, wscat and websocat, through official package managers like NPM and Homebrew.
- [DATA_EXFILTRATION]: Provides instructions for using Burp Collaborator (oastify.com) to confirm vulnerabilities via out-of-band signals, which is a standard industry practice for verifying impact without compromising system integrity.
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access to sensitive local files were identified. The skill adheres to professional security testing standards and emphasizes cross-account verification to avoid false positives.
Audit Metadata