pentest-ctf-crypto

Warn

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The function execute_command(command) in references/tools.md allows for the execution of arbitrary shell commands. This provides an unconstrained execution environment that could be used for persistence, privilege escalation, or data exfiltration if the agent's logic is subverted.
  • REMOTE_CODE_EXECUTION (MEDIUM): The sagemath_execute(script_content) tool allows for the execution of arbitrary SageMath scripts. Because SageMath is Python-based, this allows for general-purpose code execution within the environment.
  • DATA_EXFILTRATION (LOW): Multiple tools, including padding_oracle_attack and jwt_analyzer, accept external URLs as input. This creates a risk of Server-Side Request Forgery (SSRF) or out-of-band exfiltration of processed data to attacker-controlled servers.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill lacks security boundaries for processing untrusted data.
      • Ingestion points: Ciphertext inputs, JWT tokens, hash files, and URL response data.
      • Boundary markers: None identified.
      • Capability inventory: Access to shell commands, script execution, and local file reading.
      • Sanitization: No sanitization or input validation logic is present in the provided skill files.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 18, 2026, 05:57 PM