skills/mukul975/anthropic-cybersecurity-skills/testing-api-authentication-weaknesses/Gen Agent Trust Hub
testing-api-authentication-weaknesses
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to how it handles data from external APIs. It ingests responses from target endpoints and displays them in the agent context without sanitization, which could allow an attacker-controlled API to influence agent behavior through malicious response content.
  - Ingestion points: External API response text is ingested and displayed in the `scripts/agent.py` logic and `SKILL.md` workflow steps.
  - Boundary markers: None. API response content is printed directly to the console or included in the results report without the use of delimiters or 'ignore' warnings.
  - Capability inventory: The skill performs network requests via the `requests` library and has the ability to write result files to the local file system.
  - Sanitization: There is no evidence of HTML escaping, input validation, or instruction filtering on the data retrieved from target APIs before it is processed or displayed.
- [SAFE]: The skill's probing of sensitive remote file paths (such as `/.env` or `/admin/settings`) is intended behavior aligned with its stated purpose of API security testing and does not represent an unauthorized attempt to access local host credentials.