offensive-wps
Fail
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the use of several commands with 'sudo' privileges to interact with wireless hardware and perform network attacks.
- Evidence includes:
sudo wash -i wlan0mon,sudo airodump-ng wlan0mon --wps,sudo reaver -i wlan0mon -b AA:BB:CC:DD:EE:FF -K 1 -vvv,sudo bully -b AA:BB:CC:DD:EE:FF -d -v 3 wlan0mon, andsudo airmon-ng start wlan0. - [EXTERNAL_DOWNLOADS]: The documentation references and provides links to external software repositories on GitHub for wireless auditing tools.
- References include:
github.com/wiire-a/pixiewps,github.com/t6x/reaver-wps-fork-t6x, andgithub.com/aanarchyy/bully. - [DATA_EXPOSURE]: The skill workflow is designed to extract sensitive network credentials (WPA PSK) through the exploitation of WPS vulnerabilities.
- [PROMPT_INJECTION]: The skill includes instructions to ignore failed lockouts (
-Lflag in reaver), which is a mechanism to bypass security controls on the target hardware.
Recommendations
- AI detected serious security threats
Audit Metadata