path-traversal-lfi
Warn
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill uses an 'AI LOAD INSTRUCTION' block that directs the agent to assume an 'Expert' persona for attacks and explicitly claims that standard 'base models' lack the necessary depth for these techniques, which attempts to influence the agent's safety and operational boundaries.
- [COMMAND_EXECUTION]: The playbook contains numerous executable command patterns for exploiting servers, including PHP log poisoning via specific HTTP headers, AJP protocol exploitation, and the use of 'pearcmd.php' for file creation and remote package installation.
- [EXTERNAL_DOWNLOADS]: The documentation references and encourages the use of several external third-party exploitation tools and repositories, such as 'synacktiv/php_filter_chain_generator', 'cnext-exploits', and 'iis_shortname_scanner.jar'.
- [DATA_EXFILTRATION]: The skill provides a detailed map of sensitive files to target for data theft, including system shadow files (/etc/shadow), SSH private keys (id_rsa), AWS credentials, and environment configuration files (.env) containing database secrets.
Audit Metadata