Private Network Security Scan
Fail
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: HIGH (COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION)
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes high-privilege network tools and a custom script (scan_private_network) using sudo, allowing it to perform deep network inspection and potentially execute arbitrary code with root privileges.
- [CREDENTIALS_UNSAFE]: Explicitly requires sudo permissions for the nmap utility and the custom discovery script, which bypasses standard user-level constraints and may lead to administrative credential exposure.
- [COMMAND_EXECUTION]: The skill utilizes sensitive system utilities including nmap, traceroute, dig, curl, and ssh-keyscan with scripts to interact with internal network services, which can be leveraged for unauthorized reconnaissance or service disruption.
- [DATA_EXFILTRATION]: The skill is designed to map internal network topology and identify services, versions, and vulnerabilities on private hosts, performing extensive internal reconnaissance that reveals sensitive infrastructure details to the agent context.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from the network environment which could influence agent behavior during report generation.
  - Ingestion points: Host responses from curl (HTTP headers), nmap (service banners), and dig (DNS zone transfers) are ingested in Phase 2.
  - Boundary markers: The skill does not define clear boundaries or 'ignore' instructions for the data interpolated into the report templates.
  - Capability inventory: The agent possesses elevated privileges (sudo), file system access (mkdir, cp, rm), and active network scanning capabilities.
  - Sanitization: No sanitization or escaping of the retrieved network data is performed before it is written to the final markdown report.
Recommendations
- AI detected serious security threats