skills/workersio/skills/fuzzer/Gen Agent Trust Hub

fuzzer

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to locate existing fuzzing tools or install them using official package managers like brew or apt-get.- [COMMAND_EXECUTION]: The skill automates the compilation of target source code into instrumented binaries and links them with a generated harness.- [COMMAND_EXECUTION]: The skill executes the fuzzing engine, such as afl-fuzz, to detect memory and logic vulnerabilities in the target code.- [PROMPT_INJECTION]: The skill workflow presents an indirect prompt injection surface during the audit and harness creation phases.
  • Ingestion points: SKILL.md (Step 1) instructs the agent to read the entire target codebase.
  • Boundary markers: No specific delimiters or instructions to ignore embedded prompts are provided.
  • Capability inventory: The skill utilizes extensive command execution capabilities for tool installation and code compilation.
  • Sanitization: No explicit sanitization or validation of the codebase content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 05:05 PM
Security Audit — agent-trust-hub — fuzzer