infrastructure

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a wide range of system commands and specialized security tools (nmap, hping3, snmpwalk, bettercap, etc.) to perform network discovery and vulnerability assessment. Some operations require elevated privileges (sudo) for raw socket access or hardware interaction.
  • [EXTERNAL_DOWNLOADS]: The skill references external threat intelligence APIs (AbuseIPDB, VirusTotal, Shodan) and uses Docker to pull official images for cross-architecture tool execution. These are used for legitimate reconnaissance and environment setup.
  • [DATA_EXFILTRATION]: Modules are designed to identify and extract sensitive information from targets, such as credentials in process arguments (SNMP), cleartext passwords in IoT services (UPnP), and hardcoded secrets in network shares (SMB).
  • [PROMPT_INJECTION]: The skill has a significant attack surface for indirect prompt injection due to its core functionality:
      • Ingestion points: The agent is directed to read and parse untrusted data from multiple sources, including network service responses, file share contents (reference/smb-netbios-quickstart.md), and process list metadata (reference/service-enum.md).
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for the agent when processing this external data.
      • Capability inventory: The skill provides access to powerful tools across all reference files, including network scanners, shell command execution, and file system manipulation.
      • Sanitization: No validation or sanitization steps are documented for the data retrieved from external network services before it is used in subsequent automated steps.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 10:30 PM
Security Audit — agent-trust-hub — infrastructure