Skills
skills/aradotso/trending-skills/shannon-ai-pentester/Gen Agent Trust Hub

shannon-ai-pentester

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning an external repository from a source not included in the trusted vendors list.
  • Evidence: git clone https://github.com/KeygraphHQ/shannon.git in SKILL.md.
  • [COMMAND_EXECUTION]: The skill instructs the user to execute a local shell script (./shannon) that is part of the untrusted external repository.
  • Evidence: ./shannon start URL=https://your-app.example.com REPO=/path/to/your/repo in SKILL.md.
  • [CREDENTIALS_UNSAFE]: The skill asks the user to provide highly sensitive information, including API keys for multiple AI providers and credentials for the target application being tested.
  • Evidence: Instructions to set ANTHROPIC_API_KEY, AWS_SECRET_ACCESS_KEY, TARGET_PASSWORD, and TARGET_TOTP_SECRET in SKILL.md.
  • [INDIRECT_PROMPT_INJECTION]: The skill's primary function is to analyze source code and web application responses, which are untrusted data sources that could contain malicious instructions designed to influence the agent's behavior.
  • Ingestion points: REPO path (source code), URL (application responses).
  • Boundary markers: None specified in the instructions.
  • Capability inventory: Network operations (Nmap, exploits), file system access (reading repo), and subprocess execution (./shannon).
  • Sanitization: Not explicitly mentioned in the skill definition.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 18, 2026, 12:51 PM