mitm-find-bizlogic
Fail
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: HIGH
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides automated shell commands and Bash loops designed to perform active exploitation. For example, it includes a script that launches concurrent background `curl` processes to exploit race conditions in coupon redemption and payment systems.
- [COMMAND_EXECUTION]: It provides detailed instructions for bypassing security controls and financial logic, such as manipulating price parameters, bypassing email verification flows, and accessing premium features without authorization.
- [INDIRECT_PROMPT_INJECTION]: The skill reads and processes untrusted data from `log.txt` (captured network traffic) without implementing boundary markers or sanitization, creating a surface where malicious payloads in the traffic could influence the agent's behavior.
- Ingestion points: Reads `log.txt` via `grep` commands in SKILL.md.
- Boundary markers: Absent; traffic data is processed directly.
- Capability inventory: Shell execution capabilities using `grep` and `curl` are present across the methodology.
- Sanitization: No sanitization or escaping is performed on the data captured from the network logs before it is used in command templates or displayed.
Recommendations
- AI detected serious security threats
Audit Metadata