co-redteam-orchestrated-security-discovery

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of Bash and Python commands as part of its vulnerability exploitation workflow. This capability is inherent to the skill's purpose and is constrained by strict instructions requiring authorization context, syntax validation, and execution in isolated environments like Docker containers.- [EXTERNAL_DOWNLOADS]: Technical methodology and architectural reasoning are supported by references to academic papers hosted on arxiv.org. These references are used for research context and are from a well-known, trusted source.- [PROMPT_INJECTION]: The skill reads and processes external source code and configuration files, representing an indirect prompt injection surface. This risk is addressed through the use of strict input/output schemas, evidence-based critique loops, and a validation step that verifies actions before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 09:45 PM
Security Audit — agent-trust-hub — co-redteam-orchestrated-security-discovery