hackthebox
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill frequently executes system commands to facilitate the penetration testing workflow, including network reachability checks (
ping,curl) and environment preparation. - [COMMAND_EXECUTION]: The skill uses
sudospecifically for managing OpenVPN tunnels and modifying the system/etc/hostsfile, which is necessary to ensure proper connectivity and name resolution for target machines on the HackTheBox network. - [EXTERNAL_DOWNLOADS]: The documentation references and provides instructions for downloading various specialized security tools and scripts from public GitHub repositories (e.g.,
blutter,reFlutter,pwntools,fpylll) to assist in solving specific technical challenges. - [REMOTE_CODE_EXECUTION]: The skill discusses remote code execution patterns extensively in the reference guides, but these are descriptions of vulnerabilities to be exploited on target systems as part of the challenges, rather than malicious behavior within the skill itself.
Audit Metadata