Skills
skills/ed1s0nz/cyberstrikeai/command-injection-testing/Gen Agent Trust Hub

command-injection-testing

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill provides an extensive list of payloads for executing arbitrary system commands (e.g., 'id', 'whoami', 'ipconfig') to demonstrate vulnerability impact. Evidence: Section 'Utilization Technology' in SKILL.md.
  • DATA_EXFILTRATION (HIGH): Functional payloads are included for exfiltrating sensitive files like '/etc/passwd' and the Windows SAM database to a remote server ('attacker.com') via curl, wget, and DNS lookups. Evidence: Section 'Blind Command Injection' in SKILL.md.
  • REMOTE_CODE_EXECUTION (HIGH): Ready-to-use scripts for establishing reverse shells using Bash, Netcat, and PowerShell are provided, which allow for remote takeover of the target system. Evidence: Section 'Reverse Shell' in SKILL.md.
  • EXTERNAL_DOWNLOADS (MEDIUM): Recommends the acquisition and execution of third-party tools such as 'commix' from external sources. Evidence: Section 'Tool Use' in SKILL.md.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 07:25 AM