wsdiscovery
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the agent to run the `wsdiscovery` command with hostnames or IP addresses provided by the user. This creates a potential risk for command injection if the agent or the underlying shell does not properly sanitize the input.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection. It parses and displays metadata (such as device names, manufacturers, and models) from XML responses sent by devices on the local network. A malicious device could be configured to broadcast crafted strings containing instructions to manipulate the agent.
  1. Ingestion points: XML metadata fields from network-discovered devices.
  2. Boundary markers: None present.
  3. Capability inventory: Local command execution via the `wsdiscovery` tool.
  4. Sanitization: No sanitization or escaping of device-provided data is performed.
- DATA_EXFILTRATION (LOW): The tool is designed to extract sensitive device identifiers, including serial numbers, firmware versions, and service endpoints (XAddrs). While this is consistent with its stated purpose as a scanner, it involves the processing of hardware-specific sensitive data.
Audit Metadata