api-security
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and provides installation instructions for several third-party security tools.
  - Evidence: Installation commands for ffuf, nuclei, jwt_tool, graphql-cop, arjun, and grpcurl.
  - Context: These tools are sourced from well-known and reputable repositories on GitHub and package registries like PyPI, which is standard practice for a security testing toolkit.
- [COMMAND_EXECUTION]: The skill provides numerous command-line instructions to facilitate API penetration testing.
  - Evidence: Includes usage patterns for curl, jq, ffuf, sqlmap, jwt_tool, grpcurl, and nuclei.
  - Context: These operations are consistent with the primary purpose of the skill and are intended to be run against external targets provided by the user.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its interaction with external data sources.
  - Ingestion points: The skill fetches remote API specifications and documentation (e.g., swagger.json, openapi.json) using curl.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to isolate content from these external files from the skill's operational instructions.
  - Capability inventory: The skill has access to powerful CLI tools (e.g., curl, ffuf, sqlmap, nuclei) that could be manipulated if an ingested specification contains malicious directives.
  - Sanitization: No sanitization of external specification content is described before it is processed by the agent.
Audit Metadata