pentest-recon-surface-analysis

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides command-line templates for the ffuf utility to assist in virtual host discovery and reconnaissance.
  • [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface associated with the interpolation of external data into command strings.
      1. Ingestion points: The $TARGET variable used in command templates.
      2. Boundary markers: No delimiters or ignore instructions are present for the target input.
      3. Capability inventory: Execution of shell commands via the ffuf tool.
      4. Sanitization: No explicit instructions for sanitizing or escaping the $TARGET variable are included.
  • [SAFE]: The skill's instructions are consistent with its metadata and intended use for security assessments. It explicitly mandates that sensitive information like credentials should not be included in generated guidance.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 06:19 PM