performing-blind-ssrf-exploitation

Fail

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: CRITICAL (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The Python script scripts/agent.py executes network requests using the requests library to test specified endpoints for SSRF vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill documentation and scripts reference several external interaction platforms for out-of-band (OOB) testing, including Burp Collaborator (oastify.com), interact.sh, and webhook.site.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes a DNS rebinding utility domain (1u.ms) within its payloads to demonstrate bypasses for IP-based security filters. While this service is sometimes flagged by automated scanners, it is a standard tool in the context of security research.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 12, 2026, 06:20 PM
Security Audit — agent-trust-hub — performing-blind-ssrf-exploitation