Broken Authentication Testing
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill functions as a structured guide for identifying and testing authentication vulnerabilities. It contains methodology descriptions and best practices for security assessments.
- [COMMAND_EXECUTION]: Provides example commands for the Hydra brute-force tool and Python script snippets for session token analysis. These are documentation templates for security researchers and do not contain malicious payloads.
- [EXTERNAL_DOWNLOADS]: Mentions the use of external security wordlists such as SecLists and rockyou.txt, which are standard, well-known resources in the cybersecurity community.
- [CREDENTIALS_UNSAFE]: Contains lists of common default credentials (e.g., admin:admin) and common passwords. These are explicitly presented as testing payloads for documentation purposes and do not represent a leak of private user credentials.
Audit Metadata