red-team-assessment
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The methodology directs the agent to execute multiple third-party security assessment tools such as subfinder, naabu, httpx, and nuclei for reconnaissance and scanning purposes.
- [EXTERNAL_DOWNLOADS]: The skill uses curl and http_request to fetch data from external OSINT services including FOFA, Quake, and Hunter.
- [DATA_EXFILTRATION]: The assessment process involves querying external platforms like GitHub and GitLab for organizational metadata and potential sensitive information leakage.
- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection (Category 8) due to the ingestion and processing of data from untrusted external scanning outputs and API responses.
  - Ingestion points: Data retrieved from OSINT APIs and the standard output of security tools like nuclei and httpx (SKILL.md).
  - Boundary markers: None identified; instructions do not specify the use of delimiters or warnings to ignore embedded instructions in the processed data.
  - Capability inventory: The skill performs command execution and network operations across its various assessment phases.
  - Sanitization: There is no mention of validating or sanitizing the input received from external sources before it is used in subsequent steps or agent reasoning.
Audit Metadata