fuzzer
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to locate existing fuzzing tools or install them using official package managers like brew or apt-get.- [COMMAND_EXECUTION]: The skill automates the compilation of target source code into instrumented binaries and links them with a generated harness.- [COMMAND_EXECUTION]: The skill executes the fuzzing engine, such as afl-fuzz, to detect memory and logic vulnerabilities in the target code.- [PROMPT_INJECTION]: The skill workflow presents an indirect prompt injection surface during the audit and harness creation phases.
- Ingestion points: SKILL.md (Step 1) instructs the agent to read the entire target codebase.
- Boundary markers: No specific delimiters or instructions to ignore embedded prompts are provided.
- Capability inventory: The skill utilizes extensive command execution capabilities for tool installation and code compilation.
- Sanitization: No explicit sanitization or validation of the codebase content is performed before processing.
Audit Metadata