configure-dast-scan
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the harness-mcp-v2 server tools, specifically 'harness_get' and 'harness_update', to retrieve and modify pipeline YAML configurations as part of its intended functionality.
- [SAFE]: The skill provides instructions for configuring several DAST scanners including API DAST (Traceable), Burp Suite, ZAP, Nikto, and Nmap. All external domain references, such as 'api.traceable.ai', are well-known security services or vendor-integrated resources.
- [SAFE]: Analysis of instruction patterns for potential prompt injection or safety bypass techniques yielded no findings. The instructions are focused on legitimate pipeline configuration tasks.
- [SAFE]: The skill correctly handles sensitive information by prompting users to use the Harness secret manager (e.g., '<+secrets.getValue(...)>') for API tokens and access keys instead of hardcoding them in the pipeline YAML.
- [SAFE]: Although the skill processes external data (pipeline YAML), it does so within the scope of its primary CI/CD automation purpose. No malicious use of the resulting attack surface was identified.