social-engineering
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a reference for social engineering techniques, including phishing, pretexting, and physical security assessments. It provides methodologies and guidance for authorized security testing.
- [SAFE]: The homoglyph identified in the static analysis (comрany.com with Cyrillic 'р') is explicitly labeled as an educational example of a 'homograph' attack in the Business Email Compromise (BEC) section. It is not an attempt to hide a malicious URL from analysis.
- [SAFE]: Command snippets for tools like Gophish, Evilginx2, and the Social Engineering Toolkit (SET) are provided as documentation and reference material for security professionals. They are not configured for automated execution by the agent.
- [SAFE]: External references and API examples, such as the Twilio SMS integration, use standard placeholders (e.g., ACCT_ID, AUTH_TOKEN) and target well-known, legitimate services.
- [SAFE]: Phishing templates and pretexting scripts are illustrative examples meant for security awareness training and authorized campaigns, posing no threat to the user's local environment.
Audit Metadata