mitm-find-referer
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a guide for security researchers to find sensitive data leaks in network headers. It uses standard tools like mitmproxy to capture and analyze traffic logs. No unauthorized data access, exfiltration, or command execution patterns were found.
- [INDIRECT_PROMPT_INJECTION]: The skill involves analyzing network traffic logs (log.txt), which are inherently untrusted sources. This presents a theoretical surface for indirect prompt injection where an attacker could influence the agent's analysis by crafting malicious network requests. However, as a security analysis tool, this data ingestion is necessary and expected, and no exploitable capabilities (such as network exfiltration or shell execution) are triggered by the analysis results.
Audit Metadata