skills/mukul975/anthropic-cybersecurity-skills/collecting-open-source-intelligence/Gen Agent Trust Hub
collecting-open-source-intelligence
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches data from several well-known external services including Shodan (api.shodan.io), GitHub (api.github.com), SecurityTrails (api.securitytrails.com), and certificate transparency logs (crt.sh). These are standard endpoints for the skill's stated OSINT purpose.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core function of ingesting untrusted data from the internet.
- Ingestion points:
scripts/agent.pyretrieves data from external APIs:crt.sh(subdomain names), Shodan (service banners, hostnames, and SSL certificate subjects), and GitHub (code search snippets and repository metadata). - Boundary markers: Absent. The script interpolates external data directly into its output report without using delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill possesses network capabilities (
requestslibrary) and file system access (writing JSON reports inscripts/agent.py). - Sanitization: Absent. There is no evidence of sanitization or validation of the content retrieved from external sources before it is presented to the agent for synthesis.
Audit Metadata