security-review
Fail
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform command injection testing (Check ID INJ-06) using shell metacharacters and system commands like `; ls` or `| whoami` against user-specified target URLs.
- [DATA_EXFILTRATION]: The instructions direct the agent to attempt path traversal attacks (Check ID INJ-05) using patterns such as `../../etc/passwd` to verify whether sensitive system files can be accessed.
- [COMMAND_EXECUTION]: The skill provides instructions for performing SQL injection (Check ID INJ-03) and Cross-Site Scripting (XSS) (Check IDs INJ-01, INJ-02, INJ-08) testing using payloads designed to trigger script execution or database errors.
- [CREDENTIALS_UNSAFE]: The skill explicitly prompts the user to provide 'test credentials' for authenticated testing. While necessary for deep audits, this involves the agent handling and potentially logging sensitive authentication material.
- [EXTERNAL_DOWNLOADS]: The skill leverages external auditing tools such as `npm audit` and `pip audit`, which involve network requests to external package registries to fetch vulnerability data.
Recommendations
- AI detected serious security threats
Audit Metadata