iblai-vibe-security-recon
Warn
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
$ARGUMENTSvariable directly within several shell commands, includingdig any $ARGUMENTS,whois $ARGUMENTS, andnmap ... $ARGUMENTS. This pattern presents a risk of command injection if the input provided to the variable contains shell metacharacters and is not properly sanitized. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to the ingestion of untrusted external content.
- Ingestion points: Untrusted data enters the context through certificate transparency logs from
crt.shand web content retrieved viaWebSearchandWebFetchtools. - Boundary markers: No delimiters or warnings to ignore embedded instructions are present when processing external data.
- Capability inventory: The skill allows for powerful operations via the
Bash,Write, andWebFetchtools, which can be abused if the agent's logic is subverted by external data. - Sanitization: There is no logic provided to sanitize or validate the content fetched from the internet before it is used to generate reports or influence subsequent steps.
Audit Metadata