pentest

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands including ls -F, cat package.json, and grep to inspect the local project environment and identify potential entry points and vulnerabilities.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it is designed to ingest and process untrusted source code and configuration files. It lacks explicit boundary markers or instructions to the agent to disregard potential instructions embedded within the analyzed data.
      • Ingestion points: Project manifests like package.json and pubspec.yaml, as well as raw source code via recursive grep searches.
      • Boundary markers: Absent from the skill instructions.
      • Capability inventory: File system read access, shell command execution, and mentioned network probing capabilities.
      • Sanitization: No sanitization or validation of the content of analyzed files is specified.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 12:06 AM