exploit-dev-expert
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- DATA_EXFILTRATION (MEDIUM): The skill contains templates to access sensitive system files like /etc/passwd using shellcraft.cat and code to establish remote connections via shellcraft.connect, which can be leveraged for data theft.
- REMOTE_CODE_EXECUTION (MEDIUM): It utilizes the pwntools library to dynamically assemble and execute shellcode (asm, shellcraft.sh) and facilitates connecting to remote services (remote()) to deliver exploitation payloads.
- COMMAND_EXECUTION (MEDIUM): The skill provides the capability to execute local binary files via process() and provides an interactive interface using p.interactive(), which effectively grants shell access to the host system.
- EXTERNAL_DOWNLOADS (LOW): Automated scans flagged libc.so as a malicious URL; this is likely a false positive triggered by the reference to the standard Linux library path /lib/x86_64-linux-gnu/libc.so.6, but it confirms the skill's interaction with low-level system binaries.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata