skills/mukul975/anthropic-cybersecurity-skills/performing-blind-ssrf-exploitation/Gen Agent Trust Hub
performing-blind-ssrf-exploitation
Fail
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: CRITICAL
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The Python script scripts/agent.py executes network requests using the requests library to test specified endpoints for SSRF vulnerabilities.
- [EXTERNAL_DOWNLOADS]: The skill documentation and scripts reference several external interaction platforms for out-of-band (OOB) testing, including Burp Collaborator (oastify.com), interact.sh, and webhook.site.
- [EXTERNAL_DOWNLOADS]: The skill utilizes a DNS rebinding utility domain (1u.ms) within its payloads to demonstrate bypasses for IP-based security filters. While this service is sometimes flagged by automated scanners, it is a standard tool in the context of security research.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata