Broken Authentication Testing
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a structured educational resource for identifying authentication vulnerabilities. It includes appropriate security constraints and legal warnings for testers.
- [COMMAND_EXECUTION]: Provides template commands for the 'hydra' brute-force tool. These commands are illustrative and intended for use by security professionals in controlled environments.
- [REMOTE_CODE_EXECUTION]: Contains a Python code snippet that uses the 'requests' library to demonstrate session token collection. The script is transparent and lacks any automated execution or malicious payload mechanisms.
- [CREDENTIALS_UNSAFE]: References common password lists and placeholder credentials (e.g., 'admin', '123456') for educational purposes in credential testing scenarios. No actual secrets are disclosed.
Audit Metadata