target-profiling
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute various command-line reconnaissance tools for asset discovery, including subfinder, ksubdomain, and naabu.
- [DATA_EXFILTRATION]: The skill involves performing outbound network requests to external target domains using tools like httpx and curl for fingerprinting and banner grabbing.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted data from external reconnaissance tools. 1. Ingestion points: Data retrieved via evidence_list, list_vulns, and direct tool output (SKILL.md). 2. Boundary markers: The instructions lack explicit delimiters or safety markers for the processed data. 3. Capability inventory: The agent has access to subprocess execution for multiple security utilities (SKILL.md). 4. Sanitization: No sanitization or validation mechanisms are specified for the ingested external tool outputs.
Audit Metadata