offensive-toctou
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive educational content regarding TOCTOU vulnerabilities across filesystem, kernel, container, and web layers. It does not contain instructions to override safety guidelines or perform malicious actions against the agent's environment.
- [SAFE]: Includes various code templates (C, Python, Bash) intended for manual reproduction of race conditions in a research or penetration testing context.
- [SAFE]: Mentions security tools and research papers from reputable sources like PortSwigger and USENIX to support the methodology.
- [SAFE]: References a GitHub repository managed by the skill's author (SnailSploit) which serves as the source for the provided offensive checklist.
Audit Metadata