API Fuzzing for Bug Bounty
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill provides numerous examples of bash commands (e.g., curl, kr scan) and exploit payloads (e.g., SQL injection, command injection strings). These are correctly presented as testing materials for security researchers and do not pose a threat to the execution environment when used as intended.- [EXTERNAL_DOWNLOADS] (SAFE): A curated list of third-party security tools from GitHub and other repositories is provided for reference. These are standard tools in the security community, and the skill does not automate their installation or execution.- [DATA_EXFILTRATION] (SAFE): References to external tracking services like iplogger.com are used as examples for Out-of-band (OOB) vulnerability testing and do not indicate malicious data exfiltration by the skill itself.
Audit Metadata