pentest-http-smuggling
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill defines tool signatures that interact with powerful system utilities including Nmap, Netcat, and Curl. These tools are used for infrastructure fingerprinting and raw request piping, which can be used for unauthorized scanning or network exploitation if the target parameters are manipulated.
- EXTERNAL_DOWNLOADS (MEDIUM): The documentation references external security tools and scripts such as smuggler.py, h2csmuggler, and Burp Suite extensions. While no direct download links are provided, the workflow relies on these unverifiable external dependencies being present in the environment.
- DATA_EXFILTRATION (LOW): The cdn_purge tool accepts sensitive credentials like api_key and zone_id. While there is no evidence of these being sent to unauthorized third parties, handling these secrets increases the skill's risk profile.
- INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to ingest and analyze raw HTTP responses from external servers.
  - Ingestion points: Tools like python_socket_request and curl_trace capture raw data from target servers.
  - Boundary markers: None identified in the provided tool definitions or workflows.
  - Capability inventory: Includes raw socket writes, network scanning, and API calls to CDNs.
  - Sanitization: No explicit sanitization or validation of the ingested HTTP response content is described before the agent processes it for 'Impact Validation'.
Audit Metadata