hunt-xxe
Warn
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The skill contains functional XML payloads designed to read sensitive system files including /etc/passwd, /etc/shadow, and Windows configuration files. It further details how to exfiltrate this data to external attacker-controlled servers (OOB) using parameter entities and external DTD references.
- [COMMAND_EXECUTION]: Contains shell command templates using curl for manipulating HTTP requests to trigger XXE vulnerabilities and grep patterns for performing static analysis on source code to find insecure XML parser configurations.
Audit Metadata