ssrf-testing
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHDATA_EXFILTRATIONREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The skill provides actionable payloads to achieve remote command execution by exploiting internal Redis instances via the Gopher protocol, including a reverse shell targeting an external domain.
- [DATA_EXFILTRATION] (HIGH): Contains specific instructions for exfiltrating sensitive files like /etc/passwd and accessing cloud metadata endpoints to obtain IAM credentials and security tokens.
- [COMMAND_EXECUTION] (MEDIUM): Recommends the execution of external, unverified scripts (ssrfmap.py, gopherus.py) without providing secure sources or integrity validation.
- [DATA_EXFILTRATION] (LOW): Documents methods for internal reconnaissance and port scanning using SSRF to bypass network restrictions.
- [PROMPT_INJECTION] (LOW): Surface for indirect prompt injection exists as the skill ingests untrusted URL inputs. Ingestion points: URL parameters in testing methodology (File: SKILL.md). Boundary markers: Absent. Capability inventory: Network access, file system read (file://), and RCE via Gopher. Sanitization: Absent.
Recommendations
- AI detected serious security threats
Audit Metadata