fuzzing-apis
Warn
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The bundled script `scripts/generate_payloads.py` contains a `generate_script` method that accepts arbitrary strings from the `--content` command-line argument and writes them into a new shell script file. The utility then executes `chmod 755` on the resulting file to make it executable, which facilitates the creation and execution of arbitrary shell code.
- [PROMPT_INJECTION]: The skill is designed to ingest and parse untrusted data from API specifications (OpenAPI, GraphQL, Protobuf) to automate its fuzzing operations, presenting an indirect prompt injection risk.
  1. Ingestion points: `SKILL.md` instructs the agent to find and read API specification files (e.g., `**/openapi.yaml`) using the `Glob` and `Read` tools.
  2. Boundary markers: The instructions do not define any delimiters or ignore-embedded-instruction markers for the parsed content.
  3. Capability inventory: The skill has access to `Write`, `Edit`, and `Bash` (restricted to the `test:fuzz-*` prefix) tools, alongside the script generation utility in `scripts/generate_payloads.py`.
  4. Sanitization: There are no instructions for sanitizing or validating the data extracted from the specifications before it is used to influence the testing logic.