internal-recon
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to inspect local network configurations (e.g.,
ip addr,arp -a,net view) and perform active scanning with third-party tools likenmapandfscan. - [EXTERNAL_DOWNLOADS]: The documentation references external security tools including
fscan,httpx, andnmap. However, the skill does not implement automated downloading or installation of these tools, instead referring to a separate tool-delivery process. - [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it processes data from untrusted network environments through scanner results and local configuration files.
- Ingestion points: Scanner outputs (fscan, nmap) and network configuration files (/etc/hosts, /etc/resolv.conf) are processed by the agent.
- Boundary markers: Absent in instructions.
- Capability inventory: Extensive shell command execution across multiple files.
- Sanitization: No explicit sanitization or validation of tool output is described.
- This risk is evaluated as safe within the context of the skill's primary function of network reconnaissance.
Audit Metadata