katana-crawl
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill documentation provides legitimate methodology for using 'katana', an industry-standard tool for web crawling and endpoint discovery.
- [COMMAND_EXECUTION]: Contains example commands for 'katana', 'subfinder', 'httpx', and 'nuclei'. These are intended for security researchers and do not involve unauthorized privilege escalation or dangerous shell execution.
- [INDIRECT_PROMPT_INJECTION]: The skill's primary function is to process data from external websites, which presents an indirect injection surface. This is an inherent risk of crawling tools, documented here with standard filtering and parsing commands.
Audit Metadata